Congrats!

Congrats to our CFO, Jason Helmick, on receiving his first MVP Award!

Regular Expressions are a -replace's best friend

Are you familiar with PowerShell’s -replace operator?

"John Jones" -replace "Jones","Smith" Most folks are aware of it, and rely on it for straightforward string replacements like this one. But not very many people know that -replace also does some amazing stuff using regular expressions.

"192.168.15.12,192.168.22.8" -replace "\.\d{2}\.","10" That’d change the input string to “192.168.10.12,192.168.10.8,” replacing all occurrences of two digits, between periods, to 10. The 12 would be skipped because it isn’t followed by a period, as specified in the pattern. Note that all occurrences are replaced, in keeping with the usual operation of -replace.
The operator can also do capturing expressions, and this is where it gets really neat-o.

So your company doesn't want to enable PowerShell Remoting?

But I bet they’re okay with Remote Desktop Protocol, right? And all those Remote Procedure Calls?
And I bet they never even thought about why every *nix _system, ever, _has SSH enabled by default? But practically nothing else (by default)?
Hmm.

My PowerShell Workflow Series on TechNet Magazine

As most folks are aware, I’ve been writing the Windows PowerShell column for Microsoft’s _TechNet Magazine _for… wow, going on 7 years now. For 2013, I was doing a serialized column on PowerShell Workflow, introducing a bit of the technology at a time in each month’s article. Eagle-eyed observers will note that the series has “paused,” with no new articles in July or August.
First, I’m sorry for the interruption. Unfortunately, right now Microsoft is re-evaluating and re-positioning TechNet Magazine (perhaps in line with a larger re-considering of the TechNet brand, where they recently discontinued the subscription product), and for the time being the company is sticking with internally generated content for TechNet Magazine. I’m hopeful the company will come to a decision soon, and I’ll try and keep you posted here.
My past columns (all 77 of them) are still online and accessible, along with hundreds of other articles stretching back almost 8 years.

Working with the WSUS API and the SUSDB Database using PowerShell

Tthe WSUS API can be used to perform a multitude of WSUS tasks from approving patches, removing clients to creating automatic approval rules to many other things. By diving deeper into the API reveals that we can also find out the name of the SQL server (if using a remote SQL database server) that the SUSDB database is residing on. Beyond that, we can actually perform queries to the database (using TSQL) or perform tasks against the database itself.
I’ve written a couple of articles hat focus on making the database connection via the WSUS API and preform a simple query and then following up on that by performing some database maintenance by re-indexing and updating the statistics on the database tables.
Use the WSUS API and PowerShell to query the SUSDB Database
Using the WSUS API and PowerShell to Perform Maintenance on the SUSDB Database

New Blog Posting on Desired State Configuration

Just an FYI that I posted a walkthrough on my blog, of DSC, including my experiences as it relates to Group Policy:
http://bit.ly/1868BYS

How Cloud-First Design Affects You

Today, Brad Anderson (Corporate VP in the Windows Server/System Center unit) posted the first in what should be a series of “What’s New in 2012 R2” articles. In it, Anderson focuses on how Microsoft squeezed so many features into the 2012R2 release in such a short period of time. The short answer, which has been stated by Jeffrey Snover before, is “we build for the cloud first.” That means features we’re getting in 2012R2 have, for the most part, already been developed, deployed, and in use in some of Microsoft’s own cloud services. This is a huge deal. It means their cloud services (think Azure, O365, and the like) get stuff first, where Microsoft can make sure it’s stable. They then package those and hand them off to us.
It means we get better stability, but it also means we get better manageability. Look, you don’t get excited when you have to deploy a new server, right? You want to automate that stuff. Well, Azure gets really ticked off if they can’t automate it, because they do it thousands times more than you. So forcing themselves to run a ginormous datacenter also forces the company to make better management tools - which they then hand down to us in an OS release.
If, that is, you’re managing your datacenter as if it was your own little… dare I say it, private cloud. In other words, if you think of your datacenter as a wee little cloud, and you manage it like one, then you’ll get the tech you need, because Microsoft has to develop that tech for themselves. If you want to keep managing it the old-fashioned way… well, you’ll get less love.
This whole approach, for me, is the ultimate expression of the Microsoft phrase, “eat the dogfood.” Meaning, use our own products just as our customers would. You just have to make sure you’re eating the same flavor dogfood. Not that MS expects everyone to have their own in-house Azure. No, that’s not the point. The point is that they’re developing for a world where admins do nothing but create units of automation, and business processes (perhaps outside IT) initiate those processes. You’re going to see more and more tools and technologies (um, PowerShell) to facilitate that model of IT operations; you’ll see less and less tech that facilitates the old way (meaning, fewer and less robust GUI tools, I’m guessing).
Desired State Configuration (DSC) is probably an ideal example of this new approach. In the past, when you wanted to configure a few hundred machines to look and behave a certain way, you went clicky-click a few hundred times in a GUI. That’s imperative configuration; you tell each machine what to do. That doesn’t scale to cloud-sized proportions, and so now we’re getting DSC. DSC is declarative configuration, meaning you tell a group of machines what to be. The OS itself figures out how to achieve that state of being. So admins have to shift from thinking “what do I make the machine do” and “how do I tell it what to be.” It’s not unlike Group Policy, actually, which is also declarative, except that DSC will eventually dwarf Group Policy in terms of reach and capability.
Point being, if you’re in the old world of, “I just run through the Wizard and set the machine up,” you’re not aligned with the new world order. Expect fewer wizards, as product teams shift their investment to building things like DSC resources instead. With 12-18 month product cycles, time is in short supply for each new release. One-at-a-time approaches don’t scale to the cloud, so those are likely to get less of that limited amount of time.
Anderson’s post is worth a read. It’s a little high-level - the man is a Corporate VP, after all - but it shows where Microsoft is pointing their collective brain. It uses the word “delight.” It describes in great detail how Microsoft is trying harder to put the customer in the front of every conversation - but, more subtly, it also shows how Microsoft is moving the conversation past “what do customers tell us they want” and more toward “here’s what we see customers needing.” Henry Ford would be proud.

Come to PowerShell Summer School!

Through my company Concentrated Tech, I’ve decided to run a set of three PowerShell Summer School classes (click that link for descriptions). These will be a combo of self-study and weekly online sessions, designed to teach Toolmaking, Practical applications of PowerShell, or how to teach PowerShell in a lunch ’n’ learn style format. Registration is open from now until August 1st, and you’ll also get a discount on some great SAPIEN products to use during class, if you like.
The Toolmaking class will also prepare you for PowerShell VERIFIED EFFECTIVEâ„¢ certification, if you’ve been considering that.
Two of the classes will incorporate group code reviews of student assignments, to help improve your style; the third will include mock delivery sessions to help polish your delivery skills. All will include a private Q&A forum where you can ask questions both of me and of your fellow students while you’re in the self-stufy phase. Classes will meet online, on Wednesdays, for six weeks through August and September.
Planning a vacation in the middle of summer school? It’s fine - we can schedule a make-up online session when you get home. I’m also willing to try and make other accommodations to help make this an effective learning experience for everyone.
All of these classes assume a basic level of PowerShell knowledge, although you’ll get plenty of review material to help you catch up, or dredge up old memories from when you last tried to learn the shell.
Tell a friend, tell a colleague - I don’t do these kinds of offerings all that often; my travel schedule usually precludes it. But a fortuitous schedule has made it possible, so consider taking advantage!

[UPDATE: It's Safe] CAUTION: Don't Run Update-Help Right Now

UPDATE 2 JULY 2013: Microsoft is informing MVPs that the fix is in, and new help files should be downloadable by (at latest) the morning of 3 July 2013. So get your Update-Help ready to run. More info.
If you haven’t recently run Update-Help… don’t. There’s a problem with the help files that have been produced recently so that instead of:
**-computername **
You’re getting:
-computername
This affects all parameters - no value types will be shown. This has been reported to Microsoft, and they’ve acknowledged receipt of that report and are investigating. Personally, I believe the problem may be related to internal-use-only tools that are used to create the syntax section of the help files, so hopefully it’ll be an easy fix.
The -full and -detail help still shows the correct information, so if you’ve downloaded the borked help files, you’re not totally out of luck.
As far as I can determine, this only currently affects core PowerShell cmdlets, not add-in modules from product teams like Exchange, etc. I believe that’s because the core cmdlets were just updated and re-published, something the PowerShell team tends to do a bit more frequently than some of the other product groups.
I’ll keep you posted as I learn anything new.

Pipeline or Script? That is the Question

When I teach PowerShell classes, I often start by assuring students that, with the shell, you can _accomplish a great deal without ever writing a script. _And it’s true - you can. Unlike predecessor technologies like VBScript, PowerShell lets you pack a lot of goodness into a one-liner - or even into several lines run manually in the console.
What I never say is _you can accomplish  anything without ever writing a script. _That isn’t true. I see folks struggle all the time to squeeze something into a one-liner pipeline, when life would be so much easier if they switched a script-style, procedural approach.
So what’s the tipping point?
Actually, it’s really easy to spot. You should be writing a script if: