Windows with Chocolate(y)

Chocolatey is a Linux-apt-get-like Packet Manager for Windows that uses PowerShell. Software you’ve installed using Chocolatey can easily be upgraded at once by just starting a command like “choco upgrade all”.

Actually this is the coolest and easiest way to get control of all the Flash, Java, Acrobat and all other thousand tools on your computer.

Do I have to reinstall all my Tools?

No. Just install everything again with choco over your actual setup. This works great and is a good way to start with Chocolatey.

So tell me how

To eat the chocolate, start an elevated cmd.exe prompt and run this command (copy-paste):

@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin

// If you want to be sure, this command is from here: http://www.chocolatey.org

Important: choco only works in elevated promts, never try to run without elevation. But you can run choco in cmd.exe as well as powershell.exe; I recommend to use powershell because choco is based on PowerShell.

Tweaks

One important tweak is to disable the confirmation prompt. Each time you install something, choco asks for confirmation. This can get painful if you’d like to upgrade for example 20 packages at once.

To disable the prompt, run this command:

choco feature enable -n allowGlobalConfirmation

Let’s install

Now you can use choco with this parameters.

choco -?                 # help
choco install <paket>    # install
choco remove <paket>     # uninstall
choco list <suchbegriff> # search for a packet
choco upgrade all        # upgrades all installed packages
choco list -l            # shows locally installed choco packages

My favorites

Here’s my package list for all computers.

choco install 7zip AdobeAIR altap-salamander cdburnerxp GoogleChrome dropbox firefox flashplayerplugin jre8 keepass mRemoteNG notepadplusplus Silverlight skype teamviewer vlc

Other packages, that might interest you:

cdburnerxp classic-shell Firefox handbrake IrfanView iTunes lastpass thunderbird Gpg4win

And there are a lot more. Just search for it using “choco list <whatever>”.

Get (Calculate) Windows Product Key using PowerShell

There are some tools in the web that can read out Product Keys from a running Windows installation. There’s also a cool guy that wrote a PowerShell Script that can do the same. Christian Haberl published his Script on his blog here:

http://blog.this.at/post/2010/03/06/Windows-Product-Key-per-Powershell-auslesen.aspx

Source Code:

function Get-ProductKey {

$map=“BCDFGHJKMPQRTVWXY2346789”
$value = (get-itemproperty “HKLM:\\SOFTWARE\Microsoft\Windows NT\CurrentVersion”
).digitalproductid[0x34..0x42]
$ProductKey = “”
for ($i = 24; $i -ge 0; $i–
) {
$r =
0
for ($j = 14; $j -ge 0; $j–
) {
$r = ($r * 256) -bxor $value[$j
]
$value[$j] = [math]::Floor([double]($r/
24))
$r = $r %
24
  }
$ProductKey = $map[$r] +
$ProductKey
if (($i % 5) -eq 0 -and $i -ne
0) {
$ProductKey = “-” +
$ProductKey
  }
}
echo “Product Key:” $ProductKey

}

Very cool! Thanks Christian for publishing that code.

Change multiple User’s Passwort with a randomly generated one

Import-Module ActiveDirectory
Add-Type -Assembly System.Web

$adpath = “AD:\DC=xantox,DC=madera,DC=ch”
$adfilter = “TestUser*”
$userlist = Get-ChildItem $adpath | ? {$_.Name -like $adfilter}
$table = @()

foreach ($user in $userlist) {

$item = “” | select Username, Password
$item.Username = $user.name
$item.Password = [Web.Security.Membership]::GeneratePassword(20,4)

$securepw = $item.Password | ConvertTo-SecureString -AsPlainText -Force
Set-ADAccountPassword -Identity $user -NewPassword $securepw

$table += $item
}

$table | export-csv -path .\passwordlist.txt

Server 2012 PowerShell Commands

Proxy setzen

netsh winhttp set proxy proxy-server=”sta0394:8080″

Datei aus Internet herunterladen

$wc = New-Object System.Net.WebClient
$wc.DownloadFile($source, $destination)

Dism /get-wiminfo /wimfile::sources\install.wim

Dism /mount-wim /WimFile::\sources\install.wim /Index: /MountDir:c:\mountdir /readonly


Install GUI for Server Core

On a non-core installation, all the source files to add Roles and Features are copied to C:\Windows\winsxs where Windows automatically can access the files when you add Roles or Features. On a

Sources findet man auch in der ISO / CD im Unterordner \sources\sxs.

Install-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell –Restart –Source \\server\share\sources\sxs Install-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell –Restart

PSBASE view of Powershell Objects

Until today, I didn’t know that the PowerShell Objects are modified to a standardized view and do not contain all known methods that are available. Good thing is, it’s possible to use them anyway.

Source: http://blogs.msdn.com/b/powershell/archive/2006/11/24/what-s-up-with-psbase-psextended-psadapted-and-psobject.aspx

For an example, create an object using Get-WMIObject:

$obj = Get-WMIObject Win32_Service -Filter “Name=’Winmgmt'”
$svc.StartMode=’Manual’

Now to submit the changes, there’s a method “ChangeStartMode” in place. Yes, there’s a way using Invoke-WMIMethod, but it’s a modified way. Using “PSBASE” there are some new Methods available:


$svc.psbase.put()

http://blogs.msdn.com/b/powershell/archive/2006/11/24/what-s-up-with-psbase-psextended-psadapted-and-psobject.aspx 

PowerShell Module und SnapIn’s

Module

Die PowerShell Module sind zwar mit Active Directory gleich mitinstalliert, müssen aber manuell nachgeladen werden. Für bequeme gibts im Startmenü über das Suchen Feld einen Eintrag “Windows PowerShell Modules”. Dieses Skript importiert dann alle nötigen Module in die PowerShell. Davor sollte man auch noch sicherstellen dass man die Execution Policy mindestens auf “RemoteSigned” hat.

Set-ExecutionPolicy RemoteSigned -Confirm:$false

Viel einfacher finde ich es mit dem Befehl “ImportSystemModules” die Module zu laden und anschliessend mit “Get-Module” anzeigen zu lassen. Daraufhin erscheinen folgende Module:

Name                ExportedCommands
—-                —————-

ActiveDirectory     {Set-ADOrganizationalUnit, Set-ADUse..}

ADRMS               {Uninstall-ADRMS, Update-ADRMS, Inst
..}
AppLocker           {Get-AppLockerPolicy, Get-AppLockerF
..}
BestPractices       {Get-BpaModel, Set-BpaResult, Get-Bp
..}
BitsTransfer        {Start-BitsTransfer, Remove-BitsTran
..}
GroupPolicy         {Get-GPStarterGPO, Get-GPOReport…}

PSDiagnostics       {Enable-PSTrace, Enable-WSManTrace…}

ServerManager       {Remove-WindowsFeature, Get-WindowsF
..}
TroubleshootingPack {Get-TroubleshootingPack, Invoke-Tro
..}

Somit kanns dann losgehen mit den AD-* Befehlen, welche man übrigens mit folgendem Befehl kurz auflisten kann:

(Get-Module ActiveDirectory).ExportedCommands.Values

PSSnapIn’s

Windows PowerShell SnapIn’s

  • Microsoft.Exchange
  • Microsoft.Windows.AD

Für die Quest SnapIn’s

  • Quest.ActiveRoles.ADManagement

Übrigens: Das Importieren der SnapIn’s ist jeweils nur für die aktuelle Session gültig. Ausser man benutzt den Export-Console Befehl um die aktuellen Einstellungen zu sichern.