As we approach our annual shareholder meeting for PowerShell.org, Inc., I wanted to take a moment and share some details about our 2014-2015 operating budget. First, you can always review the budget spreadsheet in our OneDrive account. This is updated as our plans change, prices rise, and so on; you’re welcome to check back whenever you like. Now, let’s talk about some of our organizational goals, and what some of the items in the spreadsheet mean. As you know, we’ve been fortunate to have the support of several corporate sponsors since our invention. MVP Systems, Interface Technical Training, CBT Nuggets, and SAPIEN Technologies have been amongst those helping us out; Interface and SAPIEN both signed on for a generous three-year commitment right when we launched, and we couldn’t have gotten to this point without them. However, we know that companies’ goals and positions change over time, so we’ve been trying to drive to a point where we didn’t need to rely on corporate sponsorship. We now believe that the PowerShell Summit is stable enough that, with a conservative budget, we can meet our operational needs out of the profits from the North America and Europe events. As a note, PowerShell.org isn’t classified as a _nonprofit; _we’re a _not-for-profit. _We’re legally allowed to make a profit; it just isn’t a goal. The corporation pays Federal income tax on any profits, although most of our income is spent on expenses, which end up being deductions. As you’ll notice in the spreadsheet, we believe we can meet our annual operating budget by applying a $175 overhead charge to each attendee of the Summit, assuming we get 100 attendees between the two events annually. That’s _conservative; _the N.A. show has done 100 and 150, in its two years. So in reality the number can probably be much smaller. Our $750 annual AWPP fee includes Summit admission, VERIFIED EFFECTIVE exams, and other benefits; our operating budget reflects the costs for these items (including virtual machine hosting for the examination program). So $175 of that $750 is earmarked for PowerShell.org; that leaves $575 to cover actual Summit expenses. Due to the exchange rate, Europe is our worst-case show for expenses, with a $330/person overhead for food and beverage. The remaining $245 goes to cover speaker overhead: speaker food and beverage (we admit them to the event for free, but they still eat), and some speaker travel reimbursement. With 50 paid attendees, that’s $12,250 in overhead income. Subtract $3300 for 10 speakers’ F&B, and we have about $9000 left to cover other expenses, including some speaker travel reimbursement. The US shows do somewhat better; in reality; we probably will take less than the $175 per person from the Europe show, to allow for more speaker travel expenses, and take a bit more from the US show where our expenses are lower and attendance is known to be higher. Most of the budget line items should be fairly self-explanatory. In some cases, we’re receiving some of the services for free at present; we’ve budgeted to pays for them should our free ride ever end. You’re welcome to ask about anything that seems unclear, too. But you’ll notice that there’s no budget for salaries: nobody associated with PowerShell.org, Inc. is paid for their efforts. We’re run by volunteers. So what happens when we get 200 global Summit attendees instead of the 100 we budget for? That’ll give us an operational pad. In most cases, it means we’ll be able to be a bit more elaborate with the Summit itself, buying some food for an evening event, for example. As I mentioned, it’ll also allow us to better reimburse speakers for their out-of-pocket travel expenses, which is definitely a goal. In fact, one reason we’ve tried to pay the operational budget from just half our expected attendance is specifically so we’ll have extra funds so that speakers don’t have to be entirely out-of-pocket to present at the Summits. I hope this is helpful. As always, feel free to post your questions.
Trend Micro released a report on a new PowerShell-vectored exploit named Black Magic. I had a lovely Twitter conversation about what this means in terms of PowerShell’s vulnerability to attack, and what admins should do. Unfortunately Twitter sucks for carrying on that kind of conversation, so I wanted to post this to clarify a few things. First, I’m going to write this article as if “you” were hit by this exploit. Don’t take it personally, it’s just an easier style of language for me - it’s not actually addressing you. Second, when it comes to security, the goal is to stop attacks from happening. That means you have to consider all the ways something could nail you, and try to block as many of them as is practical. That’s called “defense in depth,” giving you multiple layers of defense. The corollary to that is that your environment must still be functional. I mean, from a secure standpoint, if I unplugged all the WiFi access points and Ethernet switches you have, you’d be pretty secure. And non-functional. Third… and I don’t know how to be delicate about this, but a lot of admins out there aren’t very sophisticated about security. There’s sometimes a tendency to fix what they can get their hands on, whether or not that makes any impact on security or not. So let’s be very clear about what you do when it comes to security: You do as little as possible, and impinge as little functionality as possible, while achieving your security goals. That helps maintain a “functional” environment, and keeps the security aspect of it “maintainable.” Sometimes, “as little as possible” is quite a lot indeed - but you look for that balance. Finally, you almost never do anything to “improve” security if it is in fact a null improvement. That is, you don’t lock the doors if the windows can’t be closed. There’s no point. Now, let’s look at how Black Magic operates.
We’ll be going live with the PowerShell Toolmaker program very soon. Wave 1 will permit our PowerShell Summit N.A. 2014 alumni who registered early and were given a free exam. If you’re one of those folks, and if you would like to be an early registrant, please contact exams at PowerShell.org. You will need to have your Summit confirmation code (it was e-mailed to you when you registered, and was printed on your badge; we cannot provide it to you if you’ve lost it). We’re looking for a small handful of early registrants to take the exam and help us test the grading systems. If you pass, it’s “real,” and you’ll get an e-certificate like the one shown here! How do you know if you got a free exam? There was a slip included with your badge at the Summit. If you weren’t paying attention, we’ll allow you to try entering your Summit confirmation code as an exam voucher to see if it works. If you can’t find your confirmation code, you’re out of luck. Wave 1 is designed to let us test the system and make sure everything is working well, in a small enough scale to manage any problems that arise.
I’m getting a lot of questions from folks, via Twitter and other venues, regarding Windows Management Framework 5.0 - which is where PowerShell v5 comes from. It’s awesome that people are installing v5 and kicking the tires - however, please help spread the word:
v5 is a preview. It isn’t done, and it isn’t guaranteed bug-free. It shouldn’t be installed on production computers until it’s officially released.
v5 doesn’t install ‘side by side’ with v3 or v4. You can’t run it with “-version 3” to “downgrade.” Now, v5 shouldn’t break anything - something that runs in v3 or v4 should still work fine - but there are no guarantees as it’s a preview and not released code at this stage.
Server software (Exchange, SharePoint, etc) often has a hard dependency on a specific version of PowerShell. You need to look into that before you install v5.
After installing v5, you might not be able to cleanly uninstall and revert to a prior version.
Generally speaking, v5 should be installed in a test virtual machine at the very least, not on a production computer. It’s great to play with it, and you should absolutely log bugs and suggestions to http://connect.microsoft.com. This situation will be true for any pre-release preview of PowerShell or WMF going forward. “Preview” is the new Microsoft-speak for “beta,” and you should treat it as such. Play with it, yes - that’s the whole point, and it’s how we get a stable, clean release in the end. But play with caution, and never on production computers.
As you may know, I helped developing the forthcoming Microsoft Official Courseware 10962A class, “Advanced Windows PowerShell.” It’s a 3-day class that includes an overview of DSC, a full day of scripting and toolmaking, a Workflow overview, error handling and debugging, and more. It’s meant as a direct follow-on to the 5-day 10961 course. We’re scheduling a beta teach through a Microsoft training center in mid-August 2014. It’ll be taught by MCT Jason Yoder, who’s an excellent trainer (and who attended PowerShell Summit North America 2014 a few weeks ago, so you know he’s jiggy with PowerShell). There will likely be a fee to attend live or remote, as you’ll get the complete “A” rev of the course. If you think you might be interested, go to http://powershell.hosted.phplist.com/lists/?p=subscribe&id=7 and sign up. Once the full class info is online, we’ll e-mail you and let you know where to go find it - we won’t share your info with anyone else, including the training center. Do this quickly - the class will likely fill up.
I’ve been working on a new lab guide for my classes, and thought I’d share an early version. Note that this may become unavailable at any point; the final version will go on MoreLunches.com, as the lab guide corresponds largely with Learn Windows PowerShell in a Month of Lunches and Learn PowerShell Toolmaking in a Month of Lunches, as well as with several of the free ebooks here on PowerShell.org. Also note that there is no slide deck. I hate slides and don’t use them in class, so I haven’t produced any slides. I do use a few diagrams in class (I load them into an iPad app called AirSketch, which “broadcasts” to my computer’s web browser, allowing me to show those images on the screen, and to whiteboard on them as needed), and those diagrams are replicated in the lab guide for students’ convenience. This new guide is designed to be more standalone than the ones I’ve used in the past. Each lab includes background and syntax reminders, designed so that students don’t have to take notes while the instructor is demonstrating things. That way, everyone can focus on the demos. I basically review each lab myself before I start a unit, and then just teach and demo what’s covered in the lab. Students then get the lab itself as a reminder, and exercises to cement what they’re learning. In many of my classes, this guide is the only thing students have in front of them, and it works well with my teaching style. At 119 pages, it’s a pretty substantial guide - and I have about nine more units to write, plus an additional four I plan to develop in the future. You can download the guide in PDF form. Again, this link may go dead at some point when I’m done with the guide, and officially post it on MoreLunches.com. Right now, I’m very interested in what you think. It’s designed to present very concise summaries of what I teach, not completely replace me, but in some places it’s still pretty extensive.
Aaron Hoover was kind enough to webcam the Summit sessions he attended, and he’s posted the videos on YouTube. URLs, from Aaron’s channel, are below. Just Enough Admin - Security in a Post-Snowden World - Jeffrey Snover - PowerShell Summit 2014
Windows System Internals with PowerShell - Adam Driscoll - PowerShell Summit 2014
PowerCLI: How to Automate Your VMWare Environment Reports - Matt Griffin - PowerShell Summit 2014
Parallel Execution with PowerShell - Tome Tanasovski - PowerShell Summit 2014
There’s some great PowerShell content now online for your viewing pleasure. Jeffrey Snover and I had a blast doing “Windows PowerShell Unplugged,” and I reviewed some best PowerShell practices (and hopefully provided a little inspiration for your career) in “Windows PowerShell Best Patterns and Practices: Time to Get Serious.” And the #2 overall session of TechEd? “DSC: A Practical Overview,” including a surprise demo (and announcement) from Snover showing DSC running on Linux. Enjoy!
After all the DSC-related excitement this week, there have been a few online and Twitter-based discussions including Chef, Puppet, and similar solutions. Many of these discussions start off with a tone I suppose I should be used to: fanboy dissing. “Puppet already does this and is cross-platform! Why should I bother with DSC?” Those people, sadly, miss the point about as entirely as it’s possible to do.
Point 1: Coolness
First, what Microsoft has accomplished with DSC is cool. Star Wars Episode V was also cool. These facts do not prevent previous things - Puppet/Chef/etc and Episode IV - from being cool as well. Something new being cool does not make other things less cool. This shouldn’t be a discussion of, “Puppet did this first, so nothing else can possibly be interesting at the same time.” As IT professionals, we should be looking at everything with an eye toward what it does, and what new ideas it might offer than can be applied to existing approaches.
