6434A ENU LabManual

OFFICIAL MICROSOFT LEARNING PRODUCT
6434A
Lab Instructions and Answer Key:
Automating Windows Server 2008 ®
Administration with Windows

PowerShell TM
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious,
and no association with any real company, organization, product, domain name, e-mail address,
logo, person, place or event is intended or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part
of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted
in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for
any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
The names of manufacturers, products, or URLs are provided for informational purposes only and
Microsoft makes no representations and warranties, either expressed, implied, or statutory,
regarding these manufacturers or the use of the products with any Microsoft technologies. The
inclusion of a manufacturer or product does not imply endorsement of Microsoft of the
manufacturer or product. Links may be provided to third party sites. Such sites are not under the
control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link
contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for
webcasting or any other form of transmission received from any linked site. Microsoft is providing
these links to you only as a convenience, and the inclusion of any link does not imply endorsement
of Microsoft of the site or the products contained therein.
© 2008 Microsoft Corporation. All rights reserved.
Microsoft, and Windows are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries.
All other trademarks are property of their respective owners.
Technical Reviewer: Trevor Barry
Product Number: 3639
Part Number C90-06038

Released: 07/2008
Lab Instructions: Introduction to Windows PowerShell™ 1
Module 1
Lab Instructions: Introduction to Windows
PowerShell™
Contents:
Exercise 1: Installing Windows PowerShell 2
Exercise 2: Customizing Windows PowerShell 3
2 Lab Instructions: Introduction to Windows PowerShell™
Lab: Implementing Windows PowerShell
Exercise 1: Installing Windows PowerShell

Scenario
You are a Windows Server 2008 administrator for Woodgrove Bank. You plan to
automate several Windows Server administration tasks by using Windows
PowerShell, in addition to using the shell for interactive systems management.
Therefore, you need to install Windows PowerShell on Windows Server 2008.
Knowing that Windows PowerShell depends on the .NET Framework, you will
first ensure that this framework is installed prior to installing Windows
PowerShell.
Exercise Overview
In this exercise you will select and install the correct build of
Windows PowerShell v1.0.
The main tasks for this exercise are as follows:
1. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator.
2. Verify that the Windows PowerShell system requirements are met.
3. Install Windows PowerShell.
Lab Instructions: Introduction to Windows PowerShell™ 3
f Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as

Administrator
• Start 6434A-NYC-DC1 and log on as Administrator using the password
Pa$$w0rd.
f Task 2: Verify that the Windows PowerShell system requirements are

met
• Ensure that .NET Framework v2.0 or later is installed.
• Ensure that the server operating system is compatible with
Windows PowerShell.
• Make a note of the server operating system and architecture (x64 or x86).
f Task 3: Install Windows PowerShell

• From the Administrative Tools menu, open Server Manager.
• Add the Windows PowerShell feature.
Results: After this exercise, you should have installed Windows PowerShell on
6434A-NYC-DC1.
Exercise 2: Customizing Windows PowerShell

Scenario
An administrator in your company, Woodgrove Bank, has a visual impairment and
cannot easily read the Windows PowerShell console when it is set to use the
default colors. You need to customize the console window to use different colors
that provide greater contrast. You also need to ensure that the shell can run scripts
that you and the other administrators at the bank have written, as well as
downloaded scripts that have been digitally signed.
Exercise Overview
In this exercise you will set the script execution policy in Windows PowerShell and
customize the appearance of the Windows PowerShell console window.
1. Set the script execution policy.
4 Lab Instructions: Introduction to Windows PowerShell™
2. Customize the appearance of the Windows PowerShell console window.
f Task 1: Set the script execution policy

• Set the script execution policy to RemoteSigned.
f Task 2: Customize the appearance of the Windows PowerShell console

window
• Configure the console window to have a buffer width of 100 characters and a
physical width of 80 characters.
• Configure the console window to have white text on a dark green background.
Feel free to change the colors to meet your personal preferences.
• Ensure that QuickEdit Mode is selected.
Results: After this exercise, you should have set the script execution policy to allow for
script execution, and customized the Windows PowerShell console window.
Lab Instructions: Overview of Windows PowerShell™ 1
Module 2
Lab Instructions: Overview of Windows
PowerShell™
Contents:
Exercise 1: Learning Cmdlets and Defining Aliases 2
Exercise 2: Holding the Output of a Cmdlet 3
2 Lab Instructions: Overview of Windows PowerShell™
Lab: Working with Windows PowerShell

Cmdlets, Aliases, Objects, and Variables
Exercise 1: Learning Cmdlets and Defining Aliases

Scenario
You are an administrator for Woodgrove Bank. You plan to automate several
Windows Server administrative tasks by using Windows PowerShell. To maximize
your efficiency with Windows PowerShell, you decide to create custom
abbreviations for the cmdlets that you will use most frequently. Therefore, you
need to learn the necessary cmdlets and define aliases for them. Many tasks that
you need to automate involve accessing the event logs; therefore, you decide to
start by finding cmdlets that work with the event logs. You also need a quick way
to save the output of Windows PowerShell operations in a file; consequently, you
also intend to find cmdlets that work with output and files.
Exercise Overview
In this exercise, you will identify the cmdlets necessary to perform specific tasks,
and you will create a new alias to one of those cmdlets.
Lab Instructions: Overview of Windows PowerShell™ 3
1. Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start

Windows PowerShell.
2. Identify the cmdlets that perform a specific task.
3. Create an alias.
f Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as

Administrator, and start Windows PowerShell
Pa$$w0rd.
• Open Windows PowerShell.
f Task 2: Identify the cmdlets that perform a specific task

• Identify the cmdlet that displays a list of Windows event log entries.
• Identify the cmdlet that pipes output to a specified text file.
f Task 3: Create an alias

• Create an alias named OF that references the cmdlet used to pipe output to a
specified text file.
Results: After this exercise, you should have identified two cmdlets and created an
alias for one of those cmdlets.
Exercise 2: Holding the Output of a Cmdlet

Scenario
You need to capture the output of a cmdlet so that the output can be used to
perform other tasks. You also want to be able to review the output at a later time.
At Woodgrove Bank, one of your administrative duties involves keeping track of
the processes that are running on your servers. You periodically need to make
snapshots of the list of processes running on each server; but occasionally, you
need to work with these lists right away. Therefore, you decide to keep the list of
processes in Windows PowerShell variable and then save the list of processes in
that variable to a text file.
4 Lab Instructions: Overview of Windows PowerShell™
Exercise Overview
In this exercise you will run a cmdlet and retain its output in a variable.
1. Obtain the currently running processes and store them in a variable.
2. Display the processes stored in a variable.
f Task 1: Obtain the currently running processes and store them in a

variable
• Use the Get-Process cmdlet to retrieve the currently running processes. Store
the results of the cmdlet in a variable named $processes.
f Task 2: Display the processes stored in a variable

• Display the processes stored in the $processes variable.
• Write the contents of $processes to a text file.
Results: After this exercise, you should have run a cmdlet and retained its output in a
variable. You should also have displayed the contents of that variable.
Lab Instructions: Building Pipelines for Assembly-Line Style Processing 1
Module 3
Lab Instructions: Building Pipelines for
Assembly-Line Style Processing
Contents:
Exercise 1: Evaluating Process Properties Using the Get-Member Cmdlet 2
Exercise 2: Calculating Process Memory Usage 3
Exercise 3: Using Associative Array Variables 4
Exercise 4 Sorting and Selecting Elements from a Resultant Set of Data 5
2 Lab Instructions: Building Pipelines for Assembly-Line Style Processing
Lab: Implementing Pipelines in

Windows PowerShell
Exercise 1: Evaluating Process Properties Using the

Get-Member Cmdlet
Scenario
You need to use Windows PowerShell to perform several tasks related to running
processes. In order to do so, you need to identify the appropriate process object
properties. The servers that you manage at Woodgrove Bank must be monitored
with respect to virtual memory utilization and physical memory utilization,
including the amount of non-paged memory that is being used. These memory
utilizations must be tracked per process so that you can evaluate which processes
are the biggest consumers, and so that you can track growth in memory
utilizations over time due to increasing traffic through the services hosted by your
servers.
Exercise Overview
In this exercise you will use the Get-Member cmdlet to identify various properties
of a Process object.

Windows PowerShell.
2. Identify specific properties of a Process object.

Pa$$w0rd.
f Task 2: Identify specific properties of a Process object

• Use Windows PowerShell to display all the properties for a Process object.
• Examine the list of Process object properties to determine the properties that
represent the following aspects of the process:
• Virtual memory utilization
• Paged memory utilization
• Non-paged memory utilization
Results: After this exercise, you should have discovered the Process object properties
that represent the virtual memory utilization, paged memory utilization, and non-
paged memory utilization of a process.
Exercise 2: Calculating Process Memory Usage

Scenario
Lately at Woodgrove Bank, concerns have been raised as to whether your servers
have adequate RAM to deal with the increased traffic load created by many new
users after a recent merger. You need to identify which services and applications
are consuming the most memory. In order to narrow down which processes are
responsible for high memory consumption, you need to calculate and display the
amount of memory used by the processes running on a server.
Exercise Overview
In this exercise, you will use Windows PowerShell to calculate the memory usage
for the processes running on a computer.
1. Display memory utilization statistics for running processes.
f Task 1: Display memory utilization statistics for running processes

• Display the average paged memory used by all running processes.
• Display the total virtual memory used by all running processes.
• Display the average, total, minimum, and maximum values for virtual and
paged memory utilization by all running processes.
Results: After this exercise, you should have displayed various memory utilization
statistics for the processes running on a computer.
Exercise 3: Using Associative Array Variables

Scenario
You monitor many of the servers in the data centers of Woodgrove Bank remotely
from a central network operation center. You use powerful systems management
products to accomplish some of your goals, but some tasks are best handled with
custom Windows PowerShell scripts. One of the scripts that you are writing needs
to keep track of the computer name, primary management IP address, and the
operating system that the server is running. You need to create an associative array
to store multiple pieces of information in a single variable, and utilize the array to
access specified pieces of information.
Exercise Overview
In this exercise you will create and utilize an associative array.
1. Create an associative array and populate it with values.
2. Display specified members of an associative array.
f Task 1: Create an associative array and populate it with values

• Create an associative array and store it in a variable named $arr. Populate the
array with the following key/value pairs:
• Name/Server2
• IP/192.168.10.10
• OS/Windows Server 2008
f Task 2: Display specified members of an associative array

• Using the variable $arr created in Task 1, display only the value for the IP key.
Results: After this exercise, you should have created an associative array and displayed
specific values from within the array.
Exercise 4: Sorting and Selecting Elements from a

Resultant Set of Data
Scenario
You have determined that the amount of physical memory in some of the servers
that you administer at Woodgrove Bank is inadequate. You need to create a report
that describes the processes that are running on a server. You need to sort this set
of objects so that they appear in the correct order, and ensure that only the
necessary object property values are displayed. You decide to sort by the physical
memory used by each process, with the largest consumer at the beginning of the
list and the process with the smallest memory footprint at the end of the list. In
order to focus on only the necessary information, you then decide to report only
the process names and physical memory utilization values, and also to limit the list
to the top ten processes that are using disproportionately large amounts of
memory.
Exercise Overview
In this exercise you will retrieve the currently running processes and display them
in a sorted table that includes a subset of the processes and their properties.
1. Sort processes into the desired order.
2. Select the desired properties of a process.
3. Select a subset of the available processes.
f Task 1: Sort processes into the desired order

• Use the Get-Process cmdlet to retrieve all running processes. Sort them so that
the processes using the most paged memory are displayed first.
f Task 2: Select the desired properties of a process

the processes using the most paged memory are displayed first. Format the
output so that it is displayed as a table that includes only the names of the
processes and paged memory utilization.
f Task 3: Select a subset of the available processes

the processes using the most paged memory are displayed first. Format the
output so that it is displayed as a table that includes only the names of the
processes and paged memory utilization. Display only the first 10 processes.
Results: After this exercise, you should have created a table that displays a sorted
subset of running processes.
Lab Instructions: Managing Processes and Formatting Cmdlet Output 1
Module 4
Lab Instructions: Managing Processes and
Formatting Cmdlet Output
Contents:
Exercise 1: Implementing Basic Formatting Control 2
Exercise 2: Formatting with the -f Operator 4
Exercise 3: Implementing Advanced Formatting 5
2 Lab Instructions: Managing Processes and Formatting Cmdlet Output
Lab: Output Formatting and Process Control

with Windows PowerShell
Exercise 1: Implementing Basic Formatting Control

Scenario
You are an administrator for Woodgrove Bank. You need to format the output of
Windows PowerShell cmdlets so that administrative information is displayed in an
appropriate manner. Three of the common types of data that you work with are
services, event log entries, and processes. You choose an appropriate formatting
cmdlet to suit each type of data and the task at hand. In addition, you choose
specific properties of the different kinds of objects you work with so that both the
format and specific data that is presented in that format is easy to understand.
Exercise Overview
In this exercise you will use formatting cmdlets to create basic customized
formatting.
Windows PowerShell.
2. Format services in a table.
3. Format event log entries in a list.

4. Format processes in a wide list.

1. Start 6434A-NYC-DC1 and log on as Administrator using the password
Pa$$w0rd.
2. Open Windows PowerShell.
f Task 2: Format services in a table

• Display a list of installed services in a table, so that the table includes columns
only for the name and current status (running or stopped) of the services. The
table should not span the width of the Windows PowerShell window.
• Display a list of installed services in a table, so that the table includes columns
only for the name, current status (running or stopped) services, and whether
or not the service can be paused.
f Task 3: Format event log entries in a list

• Display the 20 most recent System event log entries in a list. The list should
include all properties of the event log entry objects.
f Task 4: Format processes in a wide list

• Display a two-column list of currently running process names.
• Display a two-column list of currently running process descriptions.
Results: After this exercise, you should have five custom-formatted displays for various
operating system object types.
Exercise 2: Formatting with the -f Operator

Scenario
You are creating a script that will display messages regarding running processes.
Your manager at Woodgrove Bank expects clear and concise information that is
presented in an easy to understand format. You need to present her with
information about the memory utilization of specific processes at various points in
time. You need to insert formatted data into the messages so that the messages
have a clear meaning. You have chosen to use the–f formatting operator of
Windows PowerShell to help in this task.
Exercise Overview
In this exercise, you will use the -f operator to provide custom formatting for
various operating system objects and data.
1. Insert data into a string.
2. Insert numerically formatted data into a string.
3. Insert date-formatted data into a string.
f Task 1: Insert data into a string

• Retrieve all running processes and store them in a variable named $processes.
• Use the -f operator to display the string, "The second process is x," so that "x" is
the name of the second process in $processes.
• Use the -f operator to display the string, "The second process is x, and it is
using y bytes of virtual memory," so that "x" is the name of the second process
in $processes, and "y" is the amount of virtual memory being used by that
process.
f Task 2: Insert numerically formatted data into a string

• Retrieve all running processes and store them in a variable named $processes.
• Use the -f operator to display the string, "The second process is x, and it is
using yMB of virtual memory," so that "x" is the name of the second process in
$processes, and "y" is the amount of virtual memory being used by that
process. Display the virtual memory in megabytes, formatted as a number with

no digits after the decimal point.
f Task 3: Insert date-formatted data into a string

• Use the Get-Date cmdlet to retrieve the current date and store it in a variable
named $now.
• Display the string, "Today is x," where "x" is the current date formatted as a
short date (such as MM/DD/YYYY or DD/MM/YYYY, depending on the
regional settings of your computer).
Results: After this exercise, you should have produced various strings that include
formatted data.
Exercise 3: Implementing Advanced Formatting

Scenario
You are creating a formatted report for your supervisor and need to ensure that the
report contains the correct data. Your supervisor is the director of IT at Woodgrove
Bank, and she is very busy. You want to ensure that the units of information that
you are reporting are consistent with other reports that she uses. Some of the
necessary data needs to be calculated using a mathematical expression.
Specifically, the virtual memory utilization of processes should be reported in units
of megabytes rather than in units of bytes. However, the available data is provided
in units of bytes. You decide to test the expression and reporting format and then
generate the report by providing a calculated property to the Windows PowerShell
table formatter.
Exercise Overview
In this exercise you will use the Format-Table cmdlet to implement advanced
formatting, including calculated columns in a table.
1. Prototype a calculated column using the -f operator
2. Create a table that contains a calculated column
f Task 1: Prototype a calculated column using the -f operator

• Retrieve a list of processes into a variable named $processes.
• Use the -f operator to display the virtual memory utilization of the first process
in $processes. The virtual memory utilization should be displayed in
megabytes, using numeric formatting, with no digits after the decimal point.
f Task 2: Create a table that contains a calculated column

• Display a list of all running processes in a table that includes the names of the
processes and their virtual memory utilization. The virtual memory utilization
should be displayed in megabytes, using numeric formatting, with no digits
after the decimal point.
Results: After this exercise, you should have created a table that uses a calculated
column.
Lab Instructions: Introduction to Scripting with Windows PowerShell™ 1
Module 5
Lab Instructions: Introduction to Scripting with
Windows PowerShell™
Contents:
Exercise 1: Writing and Running a Script 2
Exercise 2: Customizing Profiles 3
2 Lab Instructions: Introduction to Scripting with Windows PowerShell™
Lab: Implementing Scripts in Windows

PowerShell
Exercise 1: Writing and Running a Script

Scenario
Another administrator in Woodgrove Bank needs to regularly generate a report of
running processes that includes specific information. You need to write a script
that will enable the other administrator to perform this task without manually
entering Windows PowerShell commands.
Exercise Overview
In this exercise you will write a Windows PowerShell script that displays specified
information about running processes.
2. Create an empty script file.
3. Add Windows PowerShell commands to the script.
4. Run the script and verify its operation.
Lab Instructions: Introduction to Scripting with Windows PowerShell™ 3

Administrator
Pa$$w0rd.
f Task 2: Create an empty script file

• Use Windows Explorer to create a new folder named C:\Scripts.
• Use Windows Explorer to create a new text file named Mod5Task2.ps1.
f Task 3: Add Windows PowerShell commands to the script

• Use Windows Notepad to open Mod5Task2.ps1.
• Add the Windows PowerShell command that will display the currently
running processes in a table format, so that only the name, physical memory
utilization, and virtual memory utilization of the process are displayed. The
table columns should not have excess blank space between them.
f Task 4: Run the script and verify its operation

• Run Mod5Task2.ps1 and verify that it displays the desired information,
Results: After this exercise, you should have created a script which, when executed,
displays information about processes running on the server.
Exercise 2: Customizing Profiles

Scenario
You and the other administrators at Woodgrove Bank frequently use Windows
PowerShell to automate Windows Server administrative tasks. You need to become
more efficient at using the shell and must create shorter aliases to some of the
common cmdlets that you run. You want these aliases to be available each time
that you open the shell; therefore, you add them to your Windows PowerShell
profile. When your colleagues see how efficient you are with these aliases, they
might want to use them too, so you will likely be sharing your profile changes with
them.
4 Lab Instructions: Introduction to Scripting with Windows PowerShell™
Exercise Overview
In this exercise you will create a Windows PowerShell profile and configure it to
automatically create aliases each time that the shell is opened.
1. Create a blank profile script.
2. Add commands to the profile.
3. Test the profile and verify its operation.
f Task 1: Create a blank profile script

• Use Windows Explorer to create a new, blank Windows PowerShell profile
script that will open only for your user account, and only for the default shell
instance.
f Task 2: Add commands to the profile

• To the profile that you created, add the command that creates an alias named
Gel for the cmdlet Get-EventLog.
• To the profile you created, add the command that creates an alias named Of
for the cmdlet Out-File.
f Task 3: Test the profile and verify its operation

• Close and reopen Windows PowerShell.
• Run Gel Security and ensure that the security event log entries are displayed.
• Run Ps | Of C:\Scripts\Processes.txt and verify that a file named
C:\Scripts\Processes.txt is created, and that the file contains a list of currently
running processes.
Results: After this exercise, you should have created a Windows PowerShell profile
that automatically creates aliases each time the shell is opened.
Lab Instructions: Implementing Flow Control and Functions 1
Module 6
Lab Instructions: Implementing Flow Control
and Functions
Contents:
Exercise 1: Adding Flow Control in a Script 2
Exercise 2: Creating Functions 4
2 Lab Instructions: Implementing Flow Control and Functions
Lab: Implementing Functions and Flow Control

in Windows PowerShell
Exercise 1: Adding Flow Control in a Script

Scenario
You are a network administrator for Woodgrove Bank. You need to use Windows
PowerShell to inventory operating system versions, including the version of the
latest installed service pack, from several computers. You decide to use information
that is available via Windows Management Instrumentation (WMI) and choose the
Win32_OperatingSystem class to retrieve this information. Because the Caption
property of this class provides a more verbose operating system product name
than you want to display, you choose to use Windows PowerShell flow control to
help translate the operating system build number into a short representation of the
operating system version.
Exercise Overview
In this exercise, you will control the flow of processing of script code blocks.
Windows PowerShell.
2. Retrieve the Windows build number and service pack version from a
computer.
3. Write a script that uses the build number to display the operating system
version.

• 1. Start 6434A-NYC-DC1, log on as Administrator using the password
Pa$$w0rd, and start Windows PowerShell.
f Task 2: Retrieve the Windows build number and service pack version
from a computer
• Use the Get-WmiObject cmdlet to retrieve the Win32_OperatingSystem class
from 6434A-NYC-DC1
• Store the retrieved class in a variable.
• Use the -computerName parameter of Get-WmiObject to specify NYC-DC1 as
the computer name.
• Use the variable containing the retrieved class to display the BuildNumber
and ServicePackMajorVersion properties.
f Task 3: Write a script that uses the build number to display the
operating system version
• Create a new, blank script named Mod6Task3.ps1.
• To the script, add commands that accomplish the following tasks:
• Store the computer name NYC-DC1 into a variable named $computer.
• Use Get-WmiObject to retrieve the Win32_OperatingSystem class from
the computer name stored in $computer. Store the retrieved class in a
variable named $os.
• Store "0" in a variable named $osver.
• Use a switch construct to examine the BuildNumber property of the $os
variable. Store a short version of the operating system version in the
variable $osver, according to the following rules:
4 Lab Instructions: Implementing Flow Control and Functions
• If the build number is 2195, store "Win2000" in $osver.

• If the build number is 2600, store "WinXP" in $osver.
• If the build number is 3790, store "Win2003" in $osver.
• If the build number is 6000, store "Vista" in $osver.
• Otherwise, store "Win2008" in $osver.
• Display output similar to this:
NYC-DC1: Win2008 SP0
• Run the script named Mod6Task3.ps1.
Results: After this exercise, you should have created a script that retrieves and displays
the operating system version and latest installed service pack version from a specified
computer.
Exercise 2: Creating Functions

Scenario
You are an administrator for Woodgrove Bank. You have written a script that
retrieves the Windows operating system name and service pack version number
from a remote computer. However, you need to perform this task frequently, so
you want to make the script more easily accessible from within Windows
PowerShell. You decide to convert your script to a function and define this
function in your Windows PowerShell profile so that it does not need be defined
for each new instance of Windows PowerShell.
Exercise Overview
In this exercise, you will create a function and add it to their profile.
1. Rewrite Mod6Task3.ps1 as a function.
2. Add the function to your Windows PowerShell profile.
f Task 1: Rewrite Mod6Task3.ps1 as a function

• Copy Mod6Task3.ps1 to Mod6Function.ps1.
• Modify Mod6Function.ps1 so that the code is contained within a function
named Get-OSVersion.
• The function should accept one input argument named $computer.

• The contents of the function should use the $computer input argument
rather than the $computer variable previously defined in the script.
• The function should return its output rather than writing it to the console
window.
• After defining the function, add the command Get-OSVersion NYC-DC1 to
the script.
• Run Mod6Function.ps1 and verify its output.
f Task 2: Add the function to your Windows PowerShell profile

• Add the Get-OSVersion function to your Windows PowerShell profile.
• Close and re-open Windows PowerShell, and run Get-OSVersion NYC-DC1 to
verify the availability of the function.
Results: After this exercise, you should have created the Get-OSVersion function and
added it to your profile.
Lab Instructions: Working with Files, the Registry, and Certificate Stores 1
Module 7
Lab Instructions: Working with Files, the
Registry, and Certificate Stores
Contents:
Exercise 1: Searching for Certain Files 2
Exercise 2: Modifying Registry Entries 4
Exercise 3: Generating Reports 5
Exercise 4: Generating Reports on the Security Log 6
Exercise 5: Comparing Files 7
2 Lab Instructions: Working with Files, the Registry, and Certificate Stores
Lab: Working with Files, the Registry, and

Certificate Stores
Exercise 1: Searching for Certain Files

Scenario
You are an administrator for Woodgrove Bank. Another administrator has asked
you to locate several files on a server, and you have decided to use Windows
PowerShell to accomplish the task. You also need to locate all files containing a
specific text string. This text string is a copyrighted phrase which must be reviewed
and potentially changed by other users.
Exercise Overview
In this exercise, you will search within a folder for all files of a certain type, for files
having a certain name, and for files that contain a particular text string that
represents the trademarked name of a product.

2. List all XML files residing in the C:\Windows folder.
3. Locate a particular file residing in the C:\Program Files folder.
4. Locate all text files containing a particular text string.

Administrator
Pa$$w0rd.
f Task 2: List all XML files residing in the C:\Windows folder

• Open Windows PowerShell and change to the C:\Windows folder.
• List all files having the file name extension "xml."
f Task 3: Locate a particular file residing in the C:\Program Files folder

• In Windows PowerShell, change to the C:\Program Files folder.
• Locate all copies of the file named Oledb32.dll.
f Task 4: Locate all text files containing a particular text string

• Change to the C:\Windows\System32\WindowsPowerShell folder.
• Write a script or command that displays the full path and name of all files in
the folder having the file name extension "txt". For files that contain the word
"PowerShell," also display the line number where the word "PowerShell" can be
found within that file.
Results: After this exercise, you should have located files of a specified file type, or files
having a specified name. You should also have located all files containing a specified
trademarked term.
Exercise 2: Modifying Registry Entries

Scenario
A new IT security policy at Woodgrove Bank requires that certain kinds of scripts
be code signed. As an administrator at the bank, you decide to reconfigure the
Windows Script Host (WSH) not to use software restriction policies to determine if
a script is trusted for execution. For greater security you will also configure the
WSH to execute only those scripts that carry a digital signature.
Exercise Overview
In this exercise, you will modify a set of registry entries, changing the TrustPolicy
settings for Windows Script Host.
1. Modify the WinSAFER registry setting for WSH
2. Create the TrustPolicy setting for the WSH
f Task 1: Modify the WinSAFER registry setting for WSH

• In Windows PowerShell, navigate to the
\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host
registry key.
• Modify the UseWinSAFER setting to have a value of 0.
f Task 2: Create the TrustPolicy setting for the WSH

• In Windows PowerShell, navigate to the
\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host
registry key.
• Create a new setting called TrustPolicy and set it to have a decimal value of 2.
Results: After this exercise, you should have modified the WSH registry settings so that
only scripts that are digitally signed will be executed, regardless of the Software
Restriction Policies settings.
Exercise 3: Generating Reports

Scenario
Some of the servers that you administer at Woodgrove Bank are file servers that
have been used to store collections of bitmap files, which is against corporate
policy. You also want to scan for any large files except for dynamically linked
libraries. As a result, you have decided to produce various reports designed to help
clean up the file system of a server. You need to produce a report listing files of a
disallowed type and a report listing files whose size is greater than a specified
amount.
Exercise Overview
In this exercise, you will generate a report of disallowed files on a server, and of
large files on a server.
1. Produce a report showing disallowed files
2. Produce a report showing large files
f Task 1: Produce a report showing disallowed files

• Use Windows PowerShell to produce a report that shows the location of all
files that have a "bmp" file name extension.
• The report should be in CSV format and should contain two columns that
show the directory path and file name of each file.
• Name the report file Bitmaps.csv.
f Task 2: Produce a report showing large files

• Use Windows PowerShell to produce a report that shows the location and size
of all files with a file size greater than 10 MB.
• The report should exclude files with the file name extension "dll."
• The report should be in CSV format, and contain three columns that show the
directory path, file name, and size in bytes of each file.
• Name the report file BigFiles.csv.
Results: After this exercise, you should have produced two reports that can be used to
help clean up the file system of a server.
Exercise 4: Generating Reports on the Security Log

Scenario
A security auditor working for Woodgrove Bank asks you to provide a report, in
CSV format, of specified security audit events from a server. Knowing that
Windows PowerShell can be used to select the appropriate information, you use
the shell to first retrieve the required security audit events, and then, after you have
manually confirmed that the proper events have been selected, you export the
selected event information to a comma separated values (CSV) file.
Exercise Overview
In this exercise, you will scan the system event log for all instances of a particular
event ID and generate a CSV file containing the results.
1. Retrieve audit events that match the specified criteria
2. Create a report using the retrieved audit events
f Task 1: Retrieve audit events that match the specified criteria

• Retrieve and display the security event log events having an event ID of 4634,
4672, or 4624.
f Task 2: Create a report using the retrieved audit events

• Using the command created for Task 1, create a CSV file containing the event
ID, entry type, and time generated properties for each audit event.
• Name the CSV file AuditLog.csv.
Results: After this exercise, you should have created a CSV report containing the
specified audit events.
Exercise 5: Comparing Files

Scenario
You are responsible for maintaining a Windows Server 2008 computer. You need
to document the services that are installed on the computer. Periodically, you need
to compare the services that are currently-installed on your computer to the
documented set of services and report any differences.
Exercise Overview
In this exercise, you will create a baseline of installed services on a computer. You
will then install new services, and demonstrate how the baseline can be used to
audit the current configuration of the server and display discrepancies.
1. Create a baseline of installed services
2. Install additional services on the computer
3. Compare the baseline to the current state
f Task 1: Create a baseline of installed services

• Create an XML file that contains a snapshot of the services that are currently
installed on the computer.
f Task 2: Install additional services on the computer

• Start Server Manager.
• Add the Fax Server role and any required features.
f Task 3: Compare the baseline to the current state

• Compare the snapshot created in Task 1 to the services that are currently
installed on the computer, and display any differences.
• Display the names of only those services that are different.
Results: After this exercise, you should have created a baseline configuration file and
used it to audit the services that are installed on a server.
Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI 1
Module 8
Lab Instructions: Managing the Windows
Operating System Using Windows PowerShell™
and WMI
Contents:
Exercise 1: Using WMI Classes in Windows PowerShell 2
Exercise 2: Using WMI Type Accelerators 4
Exercise 3: Managing Disk Volumes in Windows PowerShell 5
Exercise 4: Defragmenting Disk Volumes Using Windows PowerShell 6
Exercise 5: Managing IIS 7.0 Properties Using WMI 7
2 Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI
Lab: Managing the Windows Operating System

with Windows PowerShell and WMI
Exercise 1: Using WMI Classes in Windows PowerShell

Scenario
As an administrator for Woodgrove Bank, you often need to retrieve information
about computers on your network. This information includes inventory
information, such as operating system version numbers, and operational
information, such as the processes that are currently running on a computer. You
have chosen to use Windows Management Instrumentation (WMI) classes in
Windows PowerShell to retrieve and process this information.
Exercise Overview
In this exercise, you will use WMI classes in Windows PowerShell.
1. Start the 6434A-NYC-DC1 virtual computer and log on as Administrator.
2. Retrieve the operating system and service pack version information from a
computer.
3. Retrieve information related to services that are installed on a computer.
4. Remove a shared folder from a computer.
f Task 1: Start the 6434A-NYC-DC1 virtual computer and log on as

Administrator
• Start the 6434A-NYC-DC1 virtual computer and log on as Administrator
using the password Pa$$w0rd.
f Task 2: Retrieve the operating system and service pack version

information from a computer
• Retrieve all instances of the Win32_OperatingSystem WMI class from the
local computer.
• Display only those properties that contain the operating system build number
and the major version number of the latest installed service pack.
• Complete this task using a technique that can be used either for the local
computer or for remote computers.
f Task 3: Retrieve information related to services that are installed on a

computer
• Create a list of installed services that includes the service name, the user
account that the service uses to log on, and the start mode that the service is
configured to use.
f Task 4: Remove a shared folder from a computer

• Retrieve all instances of the Win32_Share class that have a Name property
containing "FileShare".
• Execute the Delete() method of all retrieved Win32_Share instances.
Results: After this exercise, you should have retrieved inventory and operational
information from a computer using a technique that can be used for either the local
Exercise 2: Using WMI Type Accelerators

Scenario
You administer file servers for Woodgrove Bank. Creation of new shared folders
and running programs remotely are common tasks in your job. As new committees
and projects form every week, you need to ensure that people have access to
shared folders to support their latest endeavors. As a part of your remote
management duties, you frequently need to launch software on servers and
workstations throughout the organization. You need to create a new shared folder
so that users can access shared documents on one of the file servers that you
maintain at Woodgrove Bank. You also need to use Windows PowerShell to launch
new processes, including doing so on remote computers. You choose to use WMI
type accelerators to accomplish these tasks.
Exercise Overview
In this exercise, you will create a shared folder and launch a new process.
1. Create a folder to share.
2. Share the folder.
3. Launch a new process.
f Task 1: Create a folder to share

• Create a folder named C:\SharedDocuments.
f Task 2: Share the folder

• Use the [WMICLASS] type accelerator to retrieve the Win32_Share class.
• Use the Create() method of the Win32_Share class to create a new shared
folder named Docs for the C:\SharedDocuments folder.
f Task 3: Launch a new process

• Use the [WMICLASS] type accelerator to retrieve the Win32_Process class.
• Use the Create() method of the Win32_Process class to launch Windows
Notepad.
Results: After this exercise, you should have created a new shared folder and launched
Windows Notepad.
Exercise 3: Managing Disk Volumes in Windows PowerShell

Scenario
In this exercise, you will produce an inventory report of the disk volumes on a
computer. Your report will include information such as total size, space available,
and other information, and will be used for capacity planning on the current and
future servers that you administer at Woodgrove Bank. You also need to produce
reports that list all the volumes that are attached to a computer, for inventory
purposes.
Exercise Overview
In this exercise, you will manage disk volumes in Windows PowerShell.
1. Report on free disk space for local disk volumes.
2. Report on all volumes attached to a computer.
f Task 1: Report on free disk space for local disk volumes

• Create a report that uses the Win32_Volume class to display the drive letter,
total space, and free space for local hard disks only.
• Display the report in table format on the screen.
f Task 2: Report on all volumes attached to a computer

• Create a report that shows all attached volumes. The report should include the
volume name (drive letter) and its drive type number.
• Save the report in a CSV file named DriveInventory.csv.
Results: After this exercise, you should have produced drive volume reports that can
be used for inventory and capacity planning purposes.
Exercise 4: Defragmenting Disk Volumes Using Windows

PowerShell
Scenario
Many of the NTFS volumes that you administer at Woodgrove Bank are heavily
utilized, with files being created, modified, and deleted at a rapid rate. As such, the
allocation of clusters to the files on these volumes can quickly become fragmented.
Your manager has asked if you can automate scheduling of defragmentation of
these values based on a needed versus not needed analysis and to track the
frequency and dates of when each volume is defragmented. As the first step in
prototyping this automation, you will use WMI in Windows PowerShell to
defragment a small hard disk.
Exercise Overview
1. Defragment the E drive.
f Task 1: Defragment the E drive

• Use WMI to obtain the Win32_Volume instance that represents the E drive.
• Note that the backslash (\) character is a special character in WMI. If you
specify a filter, you must type two backslashes. For example, instead of "E:\,"
you would type "E:\\."
• Run the Defrag() method of the instance that you obtained.
Results: After this exercise, you should have defragmented the E drive on your virtual
machine.
Exercise 5: Managing IIS 7.0 Properties Using WMI

Scenario
You are a Web server administrator for Woodgrove Bank. You need to write a set
of Windows PowerShell functions that will make it easier and faster to maintain
Web sites running under IIS 7.0.
Exercise Overview
In this exercise, students will manage IIS 7.0 properties by using WMI.
2. Install IIS 7.0
3. Write the Get-WebSiteStatus function.
4. Write the Restart-WebSite function.

Administrator
• Start the 6434A-NYC-DC1 virtual machine and log on as Administrator.
f Task 2: Install IIS 7.0

• Use Server Manager to install IIS 7.0.
• Ensure that you select the following Management Tools:
• IIS Management Console
• IIS Management Scripts and Tools
• Management Service
• IIS 6 Management Compatibility
f Task 3: Write the Get-WebSiteStatus function

• Write a Windows PowerShell function named Get-WebSiteStatus.
The function must accept the name of a Web site as an input argument, and
the function must output the state of the Web site: Running, Stopped,
Stopping, Starting, or Unknown.
The function should use WMI to retrieve the specified Web site, execute its
GetState() method, and display the result.
• Use the function to retrieve the status of the default Web site.
f Task 4: Write the Restart-WebSite function

• Write a Windows PowerShell function named Restart-WebSite.
The function must accept the name of a Web site as an input argument.
The function should retrieve that Web site and execute its Stop() and
Start() methods.
• Use the function to restart the default Web site.
Results: After this exercise, you should have written two functions that help make
IIS 7.0 Web site maintenance easier.
Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™ 1
Module 9
Lab Instructions: Administering Microsoft®
Active Directory® with Windows PowerShell™
Contents:
Exercise 1: Managing Active Directory Domain and Forest Properties 2
Exercise 2: Maintaining Active Directory with ADSI 4
Exercise 3: Maintaining Relationships in Active Directory with ADSI 6
Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager
Class 7
2 Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™
Lab: Administering Active Directory with

Windows PowerShell
Exercise 1: Managing Active Directory Domain and Forest

Properties
Scenario
You are an administrator for Woodgrove Bank who is responsible for systems
security. You and your IT director are concerned about maintaining adequate
password policies, because many bank computers, such as those used for teller
access, are near public view. You have heard reports of security breaches at other
banks due to weak password security. You need to create a report that displays the
password policies for your Active Directory domain.
Exercise Overview
In this exercise, students will manage Active Directory domain and forest
properties.
1. Obtain a reference to the domain.
2. Display domain password policy properties.

Administrator
• Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using
the password Pa$$w0rd.
f Task 2: Obtain a reference to the domain

• Use Windows PowerShell to obtain a reference to the current domain.
• Store the reference in the variable $domain.
f Task 3: Display domain password policy properties

• Display the list of domain properties by using Get-Member.
• Display the following settings from the password policy for the domain:
• Minimum password length
• Password history length
• Maximum password age
Results: After this exercise, you should have displayed the domain password policies
for your domain.
Exercise 2: Maintaining Active Directory with ADSI

Scenario
You are a directory administrator for Woodgrove Bank. Each week, the company
provides you with a text file that lists new employees and the branches that they
work in. The file is in comma-separated values (CSV) format. You need to use the
file to create new Active Directory user accounts. You have chosen to use the CSV
import capabilities and the ADSI type accelerator in Windows PowerShell to
accomplish this.
Exercise Overview
In this exercise, students will maintain Active Directory objects using ADSI in
Windows PowerShell.
1. Write a script that creates an organizational unit.
2. Create a sample CSV file.
3. Write a script that imports the CSV file and creates user accounts.
f Task 1: Write a script that creates an organizational unit

• Use Windows Notepad to create an OU.
• In the file, type the following information:
• $dom = [ADSI]"LDAP://dc=woodgrovebank,dc=com"
• $ou = $dom.Create( "organizationalUnit", "ou=Tellers" )
• $ou.SetInfo()
• Save the file.
f Task 2: Create a sample CSV file

• Use Notepad to create a file named Users.csv.
• Double-check to be sure that Windows Notepad does not add a "txt" filename
extension.
• In the file, type the following information:
• FullName,LogonName,Branch
• Jesper Aaberg,Jesper,New York City
• Syed Abbas,Syed,Seattle
• Save the file.
f Task 3: Write a script that imports the CSV file and creates
user accounts
• Write a Windows PowerShell script that performs the following steps:
• Read the contents of the CSV file.
• For each line in the file, excluding the first row, create a new user account.
• The "FullName" column is the canonical name (CN) of the user.
• The "LogonName" column is the SAM Account Name of the user.
• The "Branch" column is the Department of the user.
• The new user accounts should be disabled (this is the default).
• The user accounts must be created in the Tellers OU.
Results: After this exercise, you should have written a script that reads a CSV file and
uses the information in it to create new user accounts.
Exercise 3: Maintaining Relationships in Active Directory

with ADSI
Scenario
At Woodgrove Bank, corporate reorganizations seem to be a fairly regular exercise.
Even without such reorganizations, the turnover rate for some of the bank jobs
seems to be going for a world record, and promotions in the branch offices seem to
occur every month. As a directory administrator supporting the Human Resources
department, you need to maintain up-to-date manager and direct report
information for the enterprise. Each time that a new person is promoted or hired to
a manager position, people who report directly to that person need to be updated
in the directory. As an Active Directory administrator, you are responsible for
maintaining reporting hierarchy information for the organization. You regularly
update the manager attribute for several users in the Woodgrove Bank Active
Directory domain. You decide to start by configuring the user accounts for workers
in the Seattle branch with the appropriate manager.
Exercise Overview
In this exercise, students will manage relationships between user accounts and
groups using ADSI in Windows PowerShell.
1. Retrieve the user account of the new manager.
2. Update the accounts of selected users.
f Task 1: Retrieve the user account of the new manager

• Run a command that retrieves the user account for Kristian Gotsch in the
Executives OU. Store the account in the variable $mgr.
• Set the variable $mgrname to contain the DN of Kristian Gotsch.
f Task 2: Update the accounts of selected users

• Dot source the GetUser.ps1 and SetUser.ps1 scripts into the shell.
• Write a one-liner that performs the following steps:
• Retrieves all user accounts in the domain
• Keeps only those user accounts whose Department attribute is "Seattle."
• Update the manager attribute of those accounts to have Kristian Gotsch
as the manager.
Results: After this exercise, you should have updated two user accounts to have a new
manager attribute.
Exercise 4: Managing IIS 7.0 with the .NET

Web.Administration.ServerManager Class
Scenario
You are a Web server administrator for Woodgrove Bank. For security reasons,
new promotions and new products need to be published to separate Web sites that
are distinct from the regular Web sites for the bank. Because these new promotions
come out regularly, new Web sites need to be created frequently. You want to write
a Windows PowerShell script that automates the creation of new IIS 7.0 Web sites.
Exercise Overview
In this exercise, students will manage IIS 7.0 by using the .NET
Web.Administration.ServerManager class.
1. Write a Windows PowerShell script that creates a new Web site.
f Task 1: Write a Windows PowerShell script that creates a new Web site
• Write a script that accepts several parameters:
• Web site root directory path
• Web site name
• Web site HTTP port
The script should create a new IIS 7.0 Web site on the local computer, using
the parameters that are provided.
• Test the script by using it to create a new Web site named MyWeb, with a root
path of C:\Inetpub\wwwroot2, and a port of 8080.
• Check your results in Microsoft® Internet Explorer® by browsing to
http://localhost:8080.
Results: After this exercise, you should have created a script that automates the
creation of new IIS 7.0 Web sites.
Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM 1
Module 10
Lab Instructions: Administering Group Policy in
Windows PowerShell™ Using COM
Contents:
Exercise 1: Retrieving a GPO by Using a COM Object 2
Exercise 2: Copying Group Policy Settings 3
Exercise 3: Backing Up and Restoring a GPO 4
Exercise 4: Generating Group Policy Reports 5
2 Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM
Lab: Administering Group Policy in Windows

PowerShell
Exercise 1: Retrieving a GPO by Using a COM Object

Scenario
You are a directory administrator for Woodgrove Bank. You need to use Windows
PowerShell to retrieve a Group Policy object (GPO) from Active Directory so that
you can perform several management tasks that use the GPO.
Exercise Overview
In this exercise, you will use COM objects in Windows PowerShell.
2. Retrieve the GPO that has the display name GPO1, and store it in a variable.

Administrator
• Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using
f Task 2: Retrieve the GPO that has the display name GPO1, and store it
in a variable
• Instantiate the GPMC COM object.
• Retrieve a reference to the woodgrovebank.com domain.
• Create GPO search criteria and retrieve all GPOs in the domain.
• Use the Where-Object cmdlet to filter out all GPOs except the one that has the
display name "GPO1".
• Store the GPO in a variable named $gpo.
Results: After this exercise, you should have retrieved the GPO named GPO1 and
stored it in the variable $gpo.
Exercise 2: Copying Group Policy Settings

Scenario
You are a directory administrator for Woodgrove Bank. You need to make a copy
of an existing GPO to form the basis for a new GPO. This approach is typically
used when a department needs settings that are similar to those of another
department that already has a useful GPO, but linking is not appropriate because
the two departments need to maintain different policy settings throughout their life
cycle.
Exercise Overview
In this exercise, students will copy Group Policy settings from one GPO to another.
1. Copy the Group Policy object GPO1 to GPO3.
4 Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM
f Task 1: Copy the Group Policy object GPO1 to GPO3.

• Copy GPO1 to a new GPO named GPO3. Use the CopyTo() method of the
$gpo object, and use the $domain object as a target.
Results: After this exercise, you should have copied GPO1 to GPO3.
Exercise 3: Backing Up and Restoring a GPO

Scenario
You are a directory administrator for Woodgrove Bank. You need to back up a
GPO, and test your ability to restore it. You use this feature most often to move
GPOs back and forth from your test environment to your production environment.
Exercise Overview
In this exercise, students will back up and restore GPOs.
1. Back up the GPO1 GPO.
2. Delete the GPO1 GPO.
3. Restore the GPO1 GPO.
f Task 1: Back up the GPO1 GPO

• Create a folder named C:\GPOBackup.
• Use the Backup() method of the $gpo object to back up GPO1 to a file named
GPO1Backup.
f Task 2: Delete the GPO1 GPO

• Use the GPMC to delete the GPO1 GPO, which is linked to the Tellers OU.
f Task 3: Restore the GPO1 GPO

• Obtain a reference to the GPOBackup folder.
• Use the SearchBackups() method to load all backed-up GPOs.
• Use the Where-Object cmdlet to filter out all GPOs that do not have a
GPODisplayName property of GPO1. Store the remaining GPO in a variable
named $backup.
• Use the RestoreGPO() method of the domain to restore the $backup object.
Results: After this exercise, you should have backed up, deleted, and restored a GPO.
Exercise 4: Generating Group Policy Reports

Scenario
You are a directory administrator for Woodgrove Bank. You need to restore a GPO,
but prior to doing so you need to generate a report describing the contents of the
GPO. You want the report to be in HTML format.
Exercise Overview
In this exercise, you will generate Group Policy change reports.
1. Create an HTML report of the backed-up GPO named GPO1.
f Task 1: Create an HTML report of the backed-up GPO named GPO1

• Use the GenerateReport() method of the $backup object to generate an
HTML report named GPO1.html.
• View the report in Internet Explorer.
Results: After this exercise, you should have viewed an HTML report of a backed-up
GPO.
Lab Answer Key: Introduction to Windows PowerShell™ 1
Module 1
Lab Answer Key: Introduction to Windows
PowerShell™
Contents:
Exercise 1: Installing Windows PowerShell 2
Exercise 2: Customizing Windows PowerShell 4
2 Lab Answer Key: Introduction to Windows PowerShell™
Lab: Implementing Windows

PowerShell
Logon information:
• Virtual Machine: 6434A-NYC-DC1
• User name: Administrator
• Password: Pa$$w0rd
Estimated time: 20 minutes
Exercise 1: Installing Windows PowerShell

Scenario
You are a Windows Server 2008 administrator for Woodgrove Bank. You plan to
automate several Windows Server administration tasks by using Windows
PowerShell, in addition to using the shell for interactive systems management.
Therefore, you need to install Windows PowerShell on Windows Server 2008.
Knowing that Windows PowerShell depends on the .NET Framework, you will
first ensure that this framework is installed prior to installing Windows
PowerShell.
Exercise Overview
In this exercise you will select and install the correct build of Windows PowerShell
v1.0.
Note: This document refers to the domain controller by its virtual machine name
6434A-NYC-DC1, whereas the internal computer name in the Windows server within
that virtual machine is NYC-DC1. The VM name and Windows computer name are
not identical.

Administrator
1. Open the Virtual Server Remote Control Client and double-click 6434A-
NYC-DC1.
2. Log on as Administrator using the password Pa$$w0rd.
f Task 2: Verify that the Windows PowerShell system requirements are

met
1. If Server Manager is already running, bring its window to the front. If Server
Manager is not currently running, launch it now as follows: Click Start, point
to Administrative Tools, and then click Server Manager.
2. Under Features, verify that the .NET Framework is installed. If it is not:
a. Click Add features.
b. Expand .NET Framework 3.0 Features and select .NET Framework 3.0.
c. Click Next.
d. Click Install.
e. Click Close.
f Task 3: Install Windows PowerShell

1. If Server Manager is not open, click Start, point to Administrative Tools, and
then click Server Manager.
2. Select Features.
3. Click Add features.
4. Select Windows PowerShell.
5. Click Next.
6. Click Install.
7. Click Close.
Results: After this exercise, you should have installed Windows PowerShell on
6434A-NYC-DC1.
4 Lab Answer Key: Introduction to Windows PowerShell™
Exercise 2: Customizing Windows PowerShell

Scenario
An administrator in your company, Woodgrove Bank, has a visual impairment and
cannot easily read the Windows PowerShell console when it is set to use the
default colors. You need to customize the console window to use different colors
that provide greater contrast. You also need to ensure that the shell can run scripts
that you and the other administrators at the bank have written, as well as
downloaded scripts that have been digitally signed.
Exercise Overview
In this exercise you will set the script execution policy in Windows PowerShell,
and customize the appearance of the Windows PowerShell console window.
f Task 1: Set the script execution policy

1. Click Start, point to All Programs, and then point to Windows PowerShell
1.0. Right-click Windows PowerShell and click Run as Administrator.
2. Type Set-ExecutionPolicy RemoteSigned unless your instructor has specified
an execution policy other than RemoteSigned. Press ENTER.
Question: What is the danger of using the Unrestricted execution policy?
Answer: Any script can run without having a digital signature, creating a
situation in which malicious scripts can be downloaded from the Internet and
executed.
f Task 2: Customize the appearance of the Windows PowerShell console

window
1. Click the control box in the upper-left corner of the Windows PowerShell
window.
2. Select Properties.
3. On the Layout tab, for the Screen Buffer Size, specify a Width of 100, and for
the Window Size, specify a Width of 80.
4. On the Colors tab, select Screen Background and select the dark green color
swatch (third from the left). Your instructor might specify an alternate color or
allow you to choose your own.
5. On the Options tab, ensure that the QuickEdit Mode check box is selected,
and click OK.
6. Type Exit and press ENTER.
Results: After this exercise, you should have set the script execution policy to allow for
script execution, and customized the Windows PowerShell console window.
Lab Answer Key: Overview of Windows PowerShell™ 1
Module 2
Lab Answer Key: Overview of Windows
PowerShell™
Contents:
Exercise 1: Learning Cmdlets and Defining Aliases 3
Exercise 2: Holding the Output of a Cmdlet 4
2 Lab Answer Key: Overview of Windows PowerShell™
Lab: Working with Windows PowerShell

Cmdlets, Aliases, Objects, and Variables
Logon information:
• Virtual machine: 6434A-NYC-DC1

f Exercise 1: Learning Cmdlets and Defining Aliases

Scenario
You are an administrator for Woodgrove Bank. You plan to automate several
Windows Server administrative tasks by using Windows PowerShell. To maximize
your efficiency with Windows PowerShell, you decide to create custom
abbreviations for the cmdlets that you will use most frequently. Therefore, you
need to learn the necessary cmdlets and define aliases for them. Many tasks that
you need to automate involve accessing the event logs; therefore, you decide to
start by finding cmdlets that work with the event logs. You also need a quick way
to save the output of Windows PowerShell operations in a file; consequently, you
also intend to find cmdlets that work with output and files.
Exercise Overview
In this exercise, you will identify the cmdlets necessary to perform specific tasks,
and you will create a new alias to one of those cmdlets.

1. Open the Virtual Server Remote Control Client and double-click
6434A-NYC-DC1.
3. Click Start, point to All Programs, point to Windows PowerShell 1.0, and
click Windows PowerShell.
f Task 2: Identify the cmdlets that perform a specific task

1. Type Get-Command –noun eventlog and press ENTER.
2. Make a note of the cmdlet, Get-EventLog, that is displayed.
3. Type Get-Command –noun file or Get-Command –verb out and press
ENTER.
4. Make a note of the cmdlet, Out-File, that performs the desired task.
4 Lab Answer Key: Overview of Windows PowerShell™
f Task 3: Create an alias

1. Type New-Alias of out-file and press ENTER.
2. Type Get-Alias to verify the creation of the new alias, then press ENTER.
Question: If you close and re-open Windows PowerShell, is your new alias still
available?
Answer: No. Aliases persist for the duration of the current shell session only.
Question: How can you create a persistent alias?
Answer: Create the alias in your Windows PowerShell profile by adding the
appropriate New-Alias cmdlets or cmdlets to the profile script.
Results: After this exercise, you should have identified two cmdlets and created an
alias for one of those cmdlets.
f Exercise 2: Holding the Output of a Cmdlet

Scenario
You need to capture the output of a cmdlet so that the output can be used to
perform other tasks. You also want to be able to review the output at a later time.
At Woodgrove Bank, one of your administrative duties involves keeping track of
the processes that are running on your servers. You periodically need to make
snapshots of the list of processes running on each server; but occasionally, you
need to work with these lists right away. Therefore, you decide to keep the list of
processes in Windows PowerShell variable and then save the list of processes in
that variable to a text file.
Exercise Overview
In this exercise you will run a cmdlet and retain its output in a variable.
f Task 1: Obtain the currently running processes and store them in a

variable
• If you closed Windows PowerShell in the previous exercise, launch a new
instance using the following method: click Start, point to All Programs, point
to Windows PowerShell 1.0, and click Windows PowerShell. Type
$processes = get-process and press ENTER.
f Task 2: Display the processes stored in a variable

1. Type $processes and press ENTER.
2. Type $processes | out-file c:\processes.txt and press ENTER. (Your
instructor might specify an alternate filename or location.)
Results: After this exercise, you should have run a cmdlet and retained its output in a
variable. You should also have displayed the contents of that variable.
Lab Answer Key: Building Pipelines for Assembly-Line Style Processing 1
Module 3
Lab Answer Key: Building Pipelines for
Assembly-Line Style Processing
Contents:
Exercise 1: Evaluating Process Properties Using the Get-Member Cmdlet 3
Exercise 2: Calculating Process Memory Usage 4
Exercise 3: Using Associative Array Variables 5
Exercise 4: Sorting and Selecting Elements from a Resultant Set of Data 6
2 Lab Answer Key: Building Pipelines for Assembly-Line Style Processing
Lab: Implementing Pipelines in Windows

PowerShell
Logon information:

Exercise 1: Evaluating Process Properties Using the Get-

Member Cmdlet
Scenario
You need to use Windows PowerShell to perform several tasks related to running
processes. In order to do so, you need to identify the appropriate process object
properties. The servers that you manage at Woodgrove Bank must be monitored
with respect to virtual memory utilization and physical memory utilization,
including the amount of non-paged memory that is being used. These memory
utilizations must be tracked per process so that you can evaluate which processes
are the biggest consumers, and so that you can track growth in memory
utilizations over time due to increasing traffic through the services hosted by your
servers.
Exercise Overview
In this exercise you will use the Get-Member cmdlet to identify various properties
of a Process object.

1. Open the Virtual Server Remote Control Client and double-click 6434A-NYC-
DC1.
f Task 2: Identify specific properties of a Process object

1. Type Get-Process | Get-Member and press ENTER.
2. Examine the list of Process object properties to determine the properties that
represent:
• Virtual memory utilization: VM
• Paged memory utilization: PM
• Non-paged memory utilization: NPM
Results: After this exercise, you should have identified the Process object properties
that represent the virtual memory utilization, paged memory utilization, and non-
paged memory utilization of a process.
Exercise 2: Calculating Process Memory Usage

Scenario
Lately at Woodgrove Bank, concerns have been raised as to whether your servers
have adequate RAM to deal with the increased traffic load created by many new
users after a recent merger. You need to identify which services and applications
are consuming the most memory. In order to narrow down which processes are
responsible for high memory consumption, you need to calculate and display the
amount of memory used by the processes running on a server.
Exercise Overview
In this exercise, you will use Windows PowerShell to calculate the memory usage
for the processes running on a computer.
f Task 1: Display memory utilization statistics for running processes

1. Type Get-Process | Measure-Object PM –average and press ENTER.
2. Type Get-Process | Measure-Object VM –sum and press ENTER.
3. Type Get-Process | Measure-Object PM,VM –average –sum –min -max and
press ENTER.
Results: After this exercise, you should have displayed various memory utilization
statistics for the processes running on a computer.
Exercise 3: Using Associative Array Variables

Scenario
You monitor many of the servers in the data centers of Woodgrove Bank remotely
from a central network operation center. You use powerful systems management
products to accomplish some of your goals, but some tasks are best handled with
custom Windows PowerShell scripts. One of the scripts that you are writing needs
to keep track of the computer name, primary management IP address, and the
operating system that the server is running. You need to create an associative array
to store multiple pieces of information in a single variable, and utilize the array to
access specified pieces of information.
Exercise Overview
In this exercise you will create and utilize an associative array.
f Task 1: Create an associative array and populate it with values

• Type the following, making sure you press ENTER after each line:
$arr =
@{"Name"="Server2";
"IP"="192.168.10.10";
"OS"="Windows Server 2008"}
Note: The prompt ">>" indicates that line continuation rules are in effect. If you see
the ">>" prompt, it means that the lines that you type will be considered as part of
the prior line. Therefore, either continue to type more if you are continuing the
command that you started (or continued) in the previous line, or type a blank line at
the ">>" prompt to end the current statement or command if you are finished
entering that command.
f Task 2: Display specified members of an associative array

• Type $arr.IP and press ENTER.
Results: After this exercise, you should have created an associative array and displayed
specific values from within the array.
Exercise 4: Sorting and Selecting Elements from a Resultant

Set of Data
Scenario
You have determined that the amount of physical memory in some of the servers
that you administer at Woodgrove Bank is inadequate. You need to create a report
that describes the processes that are running on a server. You need to sort this set
of objects so that they appear in the correct order, and ensure that only the
necessary object property values are displayed. You decide to sort by the physical
memory used by each process, with the largest consumer at the beginning of the
list and the process with the smallest memory footprint at the end of the list. In
order to focus on only the necessary information, you then decide to report only
the process names and physical memory utilization values, and also to limit the list
to the top ten processes that are using disproportionately large amounts of
memory.
Exercise Overview
In this exercise you will retrieve the currently running processes and display them
in a sorted table that includes a subset of the processes and their properties.
f Task 1: Sort processes into the desired order

• Type Get-Process | Sort-Object PM -descending and press ENTER.
f Task 2: Select the desired properties of a process

• Type Get-Process | Sort-Object PM –descending | Select-Object Name,PM
and press ENTER.
Question: How can you use aliases and abbreviated parameter names to
shorten this command?
Answer: ps | sort pm –des | select name,pm
f Task 3: Select a subset of the available processes

• Type Get-Process | Sort-Object PM –descending | Select-Object Name,PM –
first 10 and press ENTER.
Results: After this exercise, you should have created a table that displays a sorted
subset of running processes.
Lab Answer Key: Managing Processes and Formatting Cmdlet Output 1
Module 4
Lab Answer Key: Managing Processes and
Formatting Cmdlet Output
Contents:
Exercise 1: Implementing Basic Formatting Control 2
Exercise 2: Formatting with the -f Operator 4
Exercise 3: Implementing Advanced Formatting 5
2 Lab Answer Key: Managing Processes and Formatting Cmdlet Output
Lab: Output Formatting and Process Control

with Windows PowerShell
Logon information:
Exercise 1: Implementing Basic Formatting Control

Scenario
You are an administrator for Woodgrove Bank. You need to format the output of
Windows PowerShell cmdlets so that administrative information is displayed in an
appropriate manner. Three of the common types of data that you work with are
services, event log entries, and processes. You choose an appropriate formatting
cmdlet to suit each type of data and the task at hand. In addition, you choose
specific properties of the different kinds of objects you work with so that both the
format and specific data that is presented in that format is easy to understand.
Exercise Overview
In this exercise you will use Windows PowerShell formatting cmdlets to create
basic customized formatting.
Note: Ensure that you are typing each command at a regular Windows PowerShell
prompt (for example, PS C:\Users\Administrator>). If the prior command has not
been completed, and you have a line continuation prompt (for example, >>) then
type CTRL+C prior to entering a new command.

1. Open the Virtual Server Remote Control Client and double-click
6434A-NYC-DC1.
f Task 2: Format services in a table

1. Type Get-Service | Format-Table Name,Status –autosize and press ENTER.
2. Type Get-Service | Format-Table Name,Status,CanPause and press ENTER.
Question: How can you see which other properties are available for display in
a table?
Answer: Type Get-Service | Get-Member and press ENTER.
f Task 3: Format event log entries in a list

• Type Get-EventLog System –newest 20 | Format-List * and press ENTER.
Question: Creating a list that shows all object properties often results in long
lists. What is one practical purpose for such a list?
Answer: To see all of the properties along with examples of the values that
those properties contain.
f Task 4: Format processes in a wide list

1. Type Get-Process | Format-Wide and press ENTER.
2. Type Get-Process | Format-Wide description and press ENTER.
Question: Which name does Format-Wide select by default?
Answer: If you do not specify a property to display, Format-Wide looks for a
Name property.
Results: After this exercise, you should have five custom formatted displays for various
operating system object types.
4 Lab Answer Key: Managing Processes and Formatting Cmdlet Output
Exercise 2: Formatting with the -f operator

Scenario
You are creating a script that will display messages regarding running processes.
Your manager at Woodgrove Bank expects clear and concise information that is
presented in an easy to understand format. You need to present her with
information about the memory utilization of specific processes at various points in
time. You need to insert formatted data into the messages so that the messages
have a clear meaning. You have chosen to use –f formatting operator of Windows
PowerShell to help in this task.
Exercise Overview
In this exercise, you will use the -f operator to provide custom formatting for
various operating system objects and data.
Note: Take special care when you are typing format strings. When you use format
strings such as "{0:d}" or "{1:N0}" be sure to use braces on either side of the
parameter specifier, and a colon (not a comma) between the parameter number (for
example, 0, 1, etc.) and the format type (for example, "d", "N0"). Additionally, be
careful not to introduce a space between a numeric value and the multiplier suffix
such as 1MB; this must be written as 1MB and not 1 MB.
f Task 1: Insert data into a string

1. Type $processes = Get-Process and press ENTER.
2. Type "The second process is {0}" –f $processes[1].Name, then press ENTER.
3. Type "The second process is {0}, and it is using {1:N0} bytes of virtual
memory." –f $processes[1].Name, $processes[1].VM, then press ENTER.
f Task 2: Insert numerically formatted data into a string

2. Type "The second process is {0}, and it is using {1:N0} bytes of virtual
memory." –f $processes[1].Name, ($processes[1].VM / 1MB), and press
ENTER
f Task 3: Insert date-formatted data into a string

1. Type $now = get-date and press ENTER.
2. Type "Today is {0:d}" –f $now and press ENTER.
Results: After this exercise you should have produced various strings that include
formatted data.
Exercise 3: Implementing Advanced Formatting

Scenario
You are creating a formatted report for your supervisor and need to ensure that the
report contains the correct data. Your supervisor is the director of IT at Woodgrove
Bank, and she is very busy. You want to ensure that the units of information that
you are reporting are consistent with other reports that she uses. Some of the
necessary data needs to be calculated using a mathematical expression.
Specifically, the virtual memory utilization of processes should be reported in units
of megabytes rather than in units of bytes. However, the available data is provided
in units of bytes. You decide to test the expression and reporting format and then
generate the report by providing a calculated property to the Windows PowerShell
table formatter.
Exercise Overview
In this exercise you will use the Format-Table cmdlet to implement advanced
formatting, including calculated columns in a table.
f Task 1: Prototype a calculated column using the -f operator

2. Type "{0:N0}" –f ($processes[0].vm / 1MB) and press ENTER.
f Task 2: Create a table that contains a calculated column

• Type Get-Process | Format-Table Name,@{Expression={"{0:N0}" –f
($_.vm/1MB)};Label="VM"}. Press ENTER.
Results: After this exercise you should have created a table that uses a calculated
column.
Lab Answer Key: Introduction to Scripting with Windows PowerShell™ 1
Module 5
Lab Answer Key: Introduction to Scripting with
Windows PowerShell™
Contents:
Exercise 1: Writing and Running a Script 2
Exercise 2: Customizing Profiles 4
2 Lab Answer Key: Introduction to Scripting with Windows PowerShell™
Lab: Implementing Scripts in

Windows PowerShell
Logon information:
Exercise 1: Writing and Running a Script

Scenario
Another administrator in Woodgrove Bank needs to regularly generate a report of
running processes that includes specific information. You need to write a script
that will enable the other administrator to perform this task without manually
entering Windows PowerShell commands.
Exercise Overview
In this exercise you will write a Windows PowerShell script that displays specified
information about running processes.

Administrator
1. Open the Virtual Server Remote Control Client and double-click NYC-DC1.
f Task 2: Create an empty script file

1. Open Windows Explorer and open the C drive.
2. Right-click and point to New, then select Folder.
3. Name the new folder Scripts.
4. Open the Scripts folder.
5. Right-click and point to New, then select Text Document.
6. Name the new file Mod5Task2.ps1.
Question: What happens if you have Windows Explorer configured to hide
filename extensions for known file types?
Answer: The new file is really named Mod5Task2.ps1.txt, although the “.txt”
portion of the filename is hidden.
7. Select the option to keep the filename extension.
f Task 3: Add Windows PowerShell commands to the script

1. Right-click Mod5task2.ps1 and click Edit.
2. On the first line of the file, type Get-Process | Format-Table Name,PM,VM –
autoSize.
3. From the File menu, select Save.
4. Close Windows Notepad.
f Task 4: Run the script and verify its operation

1. Open Windows PowerShell: click Start, point to All Programs, point to
Windows PowerShell 1.0, and click Windows PowerShell.
2. Type CD C:\Scripts and press ENTER.
3. Type .\Mod5Task2 and press ENTER.
Results: After this exercise, you should have created a script which, when executed,
displays information about processes running on the server.
4 Lab Answer Key: Introduction to Scripting with Windows PowerShell™
Exercise 2: Customizing Profiles

Scenario
You and the other administrators at Woodgrove Bank frequently use Windows
PowerShell to automate Windows Server administrative tasks. You need to become
more efficient at using the shell and must create shorter aliases to some of the
common cmdlets that you run. You want these aliases to be available each time
that you open the shell; therefore, you add them to your Windows PowerShell
profile. When your colleagues see how efficient you are with these aliases, they
might want to use them too, so you will likely be sharing your profile changes with
them.
Exercise Overview
In this exercise you will create a Windows PowerShell profile and configure it to
automatically create aliases each time that the shell is opened.
f Task 1: Create a blank profile script

1. Open Windows Explorer.
2. Browse to the Documents folder for your user.
3. Right-click the Documents folder, point to New, and select Folder.
4. Name the folder WindowsPowerShell. Be careful not to put any spaces in the
name.
5. Double-click the WindowsPowerShell folder to display its contents in the
right pane. Right-click in the right pane, point to New, and select Text
Document.
6. Name the file Microsoft.PowerShell_profile.ps1, taking care to use this exact
spelling and punctuation of the name.
Question: What is a significant security risk that is associated with profiles?
Answer: If Windows PowerShell is configured so that unsigned scripts can be
run, your profile can be modified by malicious code. Your profile will then
execute automatically the next time that you open the shell, also executing any
malicious code that was inserted.
f Task 2: Add commands to the profile

1. Right-click Microsoft.PowerShell_profile.ps1 and select Edit.
2. On the first line of the file, type New-Alias Gel Get-EventLog.
3. On the second line of the file, type New-Alias Of Out-File.
4. Save the file.
5. Close Notepad.
f Task 3: Test the profile and verify its operation

1. Close and reopen Windows PowerShell.
2. Type Gel Security and press ENTER.
3. Type Ps | Of C:\Scripts\Processes.txt and press ENTER.
Results: After this exercise, you should have created a Windows PowerShell profile
that automatically creates aliases each time the shell is opened.
Lab Answer Key: Implementing Flow Control and Functions 1
Module 6
Lab Answer Key: Implementing Flow Control
and Functions
Contents:
Exercise 1: Adding Flow Control in a Script 3
Exercise 2: Creating Functions 5
2 Lab Answer Key: Implementing Flow Control and Functions
Lab: Implementing Functions and

Flow Control in Windows
PowerShell
Logon information:

Exercise 1: Adding Flow Control in a Script

Scenario
You are a network administrator for Woodgrove Bank. You need to use Windows
PowerShell to inventory operating system versions, including the version of the
latest installed service pack, from several computers. You decide to use information
that is available via Windows Management Instrumentation (WMI) and choose the
Win32_OperatingSystem class to retrieve this information. Because the Caption
property of this class provides a more verbose operating system product name
than you want to display, you choose to use Windows PowerShell flow control to
help translate the operating system build number into a short representation of the
operating system version.

1. If the 6434A-NYC-DC1 virtual machine is not already running, open the
Virtual Server Remote Control Client and double-click 6434A-NYC-DC1.
2. If you are not already logged on to the VM as Administrator, log on as
Administrator using the password Pa$$w0rd.
3. If Windows PowerShell is not still running, click Start, point to All Programs,
point to Windows PowerShell 1.0, and click Windows PowerShell.
f Task 2: Retrieve the Windows build number and service pack version
from a computer
1. Type $wmi = Get-WmiObject Win32_OperatingSystem –computerName
NYC-DC1, and press ENTER.
2. Type $wmi | select BuildNumber,ServicePackMajorVersion, and press
ENTER.
f Task 3: Write a script that uses the build number to display the
operating system version
1. Ensure that the folder C:\Scripts exists. If it does not, create it using Windows
Explorer.
2. In Windows Explorer, open the C:\Scripts folder, right-click in the right pane,
point to New, and select Text Document.
3. Name the text document Mod6Task3.ps1.
4. Accept the change in filename extension.
5. Right-click Mod6Task3.ps1 and select Open to open the file in Windows
Notepad.
6. In Notepad, type the following commands, pressing ENTER after each line:
$computer = "NYC-DC1"
$os = Get-WmiObject Win32_OperatingSystem –computerName
$computer
$osver = "0"
switch ($os.BuildNumber) {
2195 { $osver="Win2000" }
2600 { $osver="WinXP" }
3790 { $osver="Win2003" }
6000 { $osver="Vista" }
default { $osver="Win2008" }
}
$output = "{0}: build {1} : {2}" -f $computer,$os.buildnumber,$osver
Write-Host $output
7. Save the file.

8. Close Notepad.
9. In Windows PowerShell, type the complete path and filename to
Mod6Task3.ps1 to execute it and verify its output. The full path to type is
C:\Scripts\Mod6Task3.ps1 (followed by the ENTER key).
Note: If the current location in the shell is the folder in which you saved the script,
then you can use a relative path such as .\Mod6Task3.ps1. Alternatively, you can
use an absolute full path. When you use an absolute full path, be sure to either
include grave accents before spaces or use quotation marks around the whole
path.
Question: How can you learn about the properties that are available for the
Win32_OperatingSystem class?
Answer: Run Gwmi win32_operatingsystem | gm and examine the output of
Get-Member.
Results: After this exercise, you should have created a script that retrieves and displays
the operating system version and latest installed service pack version from a specified
computer.
Exercise 2: Creating Functions

Scenario
You are an administrator for Woodgrove Bank. You have written a script that
retrieves the Windows operating system name and service pack version number
from a remote computer. However, you need to perform this task frequently, so
you want to make the script more easily accessible from within Windows
PowerShell.
f Task 1: Rewrite Mod6Task3.ps1 as a function

1. In Windows Explorer, right-click Mod6Task3.ps1 and select Copy.
2. Right-click within the same folder and select Paste.
3. Rename the pasted file to Mod6Function.ps1.
4. Right-click Mod6Function.ps1 and select Open to open the file in Windows
Notepad.
5. Modify the contents of Mod6Function.ps1 to be as follows:
Function Get-OSVersion ($computer) {
$os = Get-WmiObject Win32_OperatingSystem –computerName
$computer
$osver = "0"
switch ($os.BuildNumber) {
2195 { $osver="Win2000" }
2600 { $osver="WinXP" }
3790 { $osver="Win2003" }
6000 { $osver="Vista" }
default { $osver="Win2008" }
}
$output = "{0}: build {1} : {2}" –f $computer,$os.buildnumber,$osver
return $output
}
Get-OSVersion NYC-DC1
Note: Consider making the changes using a technique similar to the following:
First, add the function declaration line Function Get-OSVersion( $computer ){ at
the top of the file. Next, mark the end of the function by putting a line with a
closing brace } at the end of the file. Then add the line Get-OSVersion NYC-DC1 to
the end of the file. Modify the body of the function as follows. Delete the line
$computer = "NYC-DC1" because the computer name is now passed as an
argument parameter to the function. Change Write-Host to return (toward the
bottom of the function). Consider indenting all lines in the body of the function by
pressing TAB at the beginning of each line in the function.
6. Save the changes to the Mod6Function.ps1 file.

7. Close Notepad.
8. In Windows PowerShell, type the complete path and filename to
Mod6Function.ps1 to execute it and verify its output. The full path to type is:
C:\Scripts\Mod6Function.ps1 (followed by the ENTER key).
f Task 2: Add the function to your Windows PowerShell profile

1. Right-click Mod6Function.ps1 and select Open to open the file in Windows
Notepad.
2. Select all of the function text and press CTRL+C.
3. Use Windows Explorer to locate
\Users\Administrator\Documents\WindowsPowerShell\Windows.PowerShel
l_profile.ps1. Right-click the file and select Open to open it in Windows
Notepad.
4. Move the cursor to the end of the file and press CTRL+V.
5. Save the file.
6. Close Windows PowerShell, if it is open.
7. Open Windows PowerShell. Type Get-OSVersion NYC-DC1 and press
ENTER to verify the availability of the function.
Results: After this exercise, you should have created the Get-OSVersion function and
added it to your profile.
Lab Answer Key: Working with Files, the Registry, and Certificate Stores 1
Module 7
Lab Answer Key: Working with Files, the
Registry, and Certificate Stores
Contents:
Exercise 1: Searching for Certain Files 3
Exercise 2: Modifying Registry Entries 5
Exercise 3: Generating Reports 6
Exercise 4: Generating Reports on the Security Log 7
Exercise 5: Comparing Files 8
2 Lab Answer Key: Working with Files, the Registry, and Certificate Stores
Lab: Working with Files, the Registry, and

Certificate Stores
Logon Information:
• Virtual Machines: 6434A-NYC-DC1
• User Name: Administrator

Exercise 1: Searching for Certain Files

Scenario
You are an administrator for Woodgrove Bank. Another administrator has asked
you to locate several files on a server, and you have decided to use Windows
PowerShell to accomplish the task. You also need to locate all files containing a
specific text string. This text string is a copyrighted phrase that must be reviewed
and potentially changed by other users.
Exercise Overview
In this exercise, you will search within a folder for all files of a certain type, for files
having a certain name, and for files that contain a particular text string that
represents the trademarked name of a product.

Administrator
Pa$$w0rd.
f Task 2: List all XML files residing in the C:\Windows folder

2. Type Cd C:\Windows and press ENTER.
3. Type Dir –recurse –include "*.xml" and press ENTER.
Question: What happens if you run only Dir *.xml –recurse?
Answer: That does not achieve the desired result; *.xml is taken as the –path
parameter of the command, rather than as a filter.
f Task 3: Locate a particular file residing in the C:\Program Files folder

1. Type Cd C:\Program` Files and press ENTER.
Note: The grave accent character after the word Program escapes the normal
interpretation of the following space character, such that "C:\Program Files" is
considered as the value of the -Path parameter to the Set-Location cmdlet, which
is aliased as cd. Without the grave accent, the space between the words Program
and Files separates "C:\Program" as a value of the -Path parameter, and "Files" as
another parameter. This would generate an error such as "A parameter cannot be
found that matches the parameter name 'files'.
This example uses the grave accent. However, you can also use either apostrophes
or quotation marks (also known as single or double quotes) around the space or
around the whole path value, such as "C:\Program Files"
2. Type Dir –recurse –include "oledb32.dll" and press ENTER.
f Task 4: Locate all files containing a particular text string

1. Type Cd C:\Windows\System32\WindowsPowerShell and press ENTER.
2. Type Dir –recurse –include *.txt | ForEach-object { write-host $_.FullName;
Get-Content $_.FullName | select-string "PowerShell" | select
LineNumber } and press ENTER.
Question: What is the logic followed by this command?
Answer: First, the Dir command retrieves all files matching the criteria. Those
files are piped to ForEach-Object, which works with them one at a time. For
each file, the FullName property is written by using Write-Host. Then, the Get-
Content cmdlet retrieves the content from the file. The content is piped to
Select-String, which looks for matches for “PowerShell.” Any matches that are
produced are piped to Select-Object, which selects only the LineNumber
property.
Results: After this exercise, you should have located files of a specified file type, or files
having a specified name. You should also have located all files containing a specified
trademarked term.
Exercise 2: Modifying Registry Entries

Scenario
A new IT security policy at Woodgrove Bank requires that certain kinds of scripts
be code signed. As an administrator at the bank, you decide to reconfigure the
Windows Script Host (WSH) not to use software restriction policies to determine if
a script is trusted for execution. For greater security you will also configure the
WSH to execute only those scripts that carry a digital signature.
Exercise Overview
In this exercise, you will modify a set of registry entries, changing the TrustPolicy
settings for Windows Script Host.
f Task 1: Modify the WinSAFER registry setting for Windows Script Host
2. Type Cd "HKLM:\Software\Microsoft\Windows Script Host\Settings" and
press ENTER.
3. Type Set-ItemProperty . usewinsafer 0 and press ENTER.
Question: What happens if you run this command from the
HKLM:\Software\Microsoft\Windows Script Host\ folder?
Answer: Because the UseWinSAFER value is a property of the Settings items,
you have to be in the Settings item in order to use this command as shown.
Alternatively, you could stay in the WSH key and run Set-ItemProperty
Settings usewinsafer 0. This alternate command specifies the path of the Item
so that Windows PowerShell can retrieve the property.
f Task 2: Create the TrustPolicy setting for the Windows Script Host
1. Type Cd "HKLM:\Software\Microsoft\Windows Script Host\Settings" and
press ENTER.
2. Type New-ItemProperty -path . -name TrustPolicy -type dword -value 2 and
press ENTER.
Results: After this exercise, you should have modified the WSH registry settings so that
only scripts that are digitally signed will be executed, regardless of the Software
Restriction Policies settings.
Exercise 3: Generating Reports

Scenario
Some of the servers that you administer at Woodgrove Bank are file servers that
have been used to store collections of bitmap files, which is against corporate
policy. You also want to scan for any large files except for dynamically linked
libraries. As a result, you have decided to produce various reports designed to help
clean up the file system of a server. You need to produce a report listing files of a
disallowed type and a report listing files whose size is greater than a specified
amount.
Exercise Overview
In this exercise, you will generate a report of disallowed files on a server, and of
large files on a server.
f Task 1: Produce a report showing disallowed files

1. Type Cd C:\ and press ENTER.
2. Type Dir -recurse -include "*.bmp" | select fullname,name | export-csv
Bitmaps.csv and press ENTER.
Note: Ensure that you use Set-Location (alias cd) to a file system path prior to
working with files at relative paths, in case the current location is in another store,
such as the registry.
f Task 2: Produce a report showing large files

2. Type Dir -exclude "*.dll" -recurse | where { $_.length -gt 10mb } | select
name,fullname,length | export-csv BigFiles.csv, then press ENTER.
Results: After this exercise, you should have produced two reports that can be used to
help clean up the file system of a server.
Exercise 4: Generating Reports on the Security Log

Scenario
A security auditor working for Woodgrove Bank asks you to provide a report, in
CSV format, of specified security audit events from a server. Knowing that
Windows PowerShell can be used to select the appropriate information, you use
the shell to first retrieve the required security audit events, and then, after you have
manually confirmed that the proper events have been selected, you export the
selected event information to a comma separated values (CSV) file.
Exercise Overview
In this exercise, you will scan the system event log for all instances of a particular
event ID and generate a CSV file containing the results.
f Task 1: Retrieve audit events that match the specified criteria

• Type Get-eventlog security | where { (4634,4672,4624) -contains
$_.eventid } | select eventid,entrytype,timegenerated. Then press ENTER.
f Task 2: Create a report using the retrieved audit events

2. Type Get-eventlog security | where { (4634,4672,4624) -contains
$_.eventid } | select eventid,entrytype,timegenerated | export-csv
AuditLog.csv. Then press ENTER.
Results: After this exercise, you should have created a CSV report containing the
specified audit events.
Exercise 5: Comparing Files

Scenario
You are responsible for maintaining a Windows Server 2008 computer. You need
to document the services that are installed on the computer. Periodically, you need
to compare the services that are currently-installed on your computer to the
documented set of services and report any differences.
Exercise Overview
In this exercise, you will create a baseline of installed services on a computer. You
will then install new services and demonstrate how the baseline can be used to
audit the current configuration of the server and display discrepancies.
f Task 1: Create a baseline of installed services

1. Type Cd $HOME and press ENTER.
2. Type Get-Service | Export-CliXML Services.xml and press ENTER.
f Task 2: Install additional services on the computer

1. Click Start, point to Administrative Tools, and select Server Manager.
2. Select Roles, and then click Add Roles.
3. Click Next.
4. Select Fax Server.
5. Click Add Required Role Services.
6. Click Next on each dialog box, then click Install.
7. Click Close.
8. Close Server Manager.
f Task 3: Compare the baseline to the current state

• Type Compare-Object (Import-CliXml Services.xml) (Get-Service) –
property DisplayName, then press ENTER.
Question: What happens if you try to compare on the Name property instead?
Answer: The objects imported from the XML file do not have a matching
Name property, so every service shows up as a difference. By comparing on
the DisplayName property, you achieve the desired results.
Results: After this exercise, you should have created a baseline configuration file and
used it to audit the services that are installed on a server.
Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI 1
Module 8
Lab Answer Key: Managing the Windows
Operating System Using Windows PowerShell™
and WMI
Contents:
Exercise 1: Using WMI Classes in Windows PowerShell 2
Exercise 2: Using WMI Type Accelerators 4
Exercise 3: Managing Disk Volumes in Windows PowerShell 5
Exercise 4: Defragmenting Disk Volumes Using Windows PowerShell 6
Exercise 5: Managing IIS 7.0 Properties Using WMI 7
2 Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI
Lab: Managing Disk Volumes with

Windows PowerShell and WMI
Logon Information:
Exercise 1: Using WMI Classes in Windows PowerShell

Scenario
As an administrator for Woodgrove Bank, you often need to retrieve information
about computers on your network. This information includes inventory
information, such as operating system version numbers, and operational
information, such as the processes that are currently running on a computer. You
have chosen to use Windows Management Instrumentation (WMI) classes in
Windows PowerShell to retrieve and process this information.
Exercise Overview
In this exercise, you will use WMI classes in Windows PowerShell.
f Task 1: Start the 6434A-NYC-DC1 virtual computer and log on as

Administrator
1. Start the 6434A-NYC-DC1 virtual computer and log on as Administrator
using the password Pa$$w0rd.
f Task 2: Retrieve the operating system and service pack version

information from a computer
• Type Get-WmiObject Win32_OperatingSystem | Select
BuildNumber,ServicePackMajorVersion, and press ENTER.
Question: How could you modify this command so that it can run against a
remote computer?
Answer: Add the –computerName parameter to the Get-WmiObject cmdlet.
Question: When can the –credential parameter of Get-WmiObject be used to
specify alternate credentials?
Answer: Only when connecting to remote computers; WMI does not permit
alternate credentials for local connections.
f Task 3: Retrieve information related to services installed on a

computer
• Type Get-WmiObject Win32_Service | Select Name,StartName,StartMode
and press ENTER.
Question: How is the Win32_Service class different from the objects returned
by the Get-Service cmdlet?
Answer: The Win32_Service class exposes additional information, including
the StartMode and StartName properties, which is not exposed by the Get-
Service cmdlet.
f Task 4: Remove a shared folder from a computer

• Type Get-WmiObject Win32_Share –filter "name='FileShare'" |
ForEach-Object { $_.Delete() }. Press ENTER.
Results: After this exercise, you should have retrieved inventory and operational
information from a computer, using a technique that could be used for either the local
Exercise 2: Using WMI Type Accelerators

Scenario
You administer file servers for Woodgrove Bank. Creation of new shared folders
and running programs remotely are common tasks in your job. As new committees
and projects form every week, you need to ensure that people have access to
shared folders to support their latest endeavors. As a part of your remote
management duties, you frequently need to launch software on servers and
workstations throughout the organization. You need to create a new shared folder
so that users can access shared documents. You also need to use Windows
PowerShell to launch new processes, including doing so on remote computers.
You choose to use WMI type accelerators to accomplish these tasks.
Exercise Overview
In this exercise, you will create a shared folder and launch a new process.
f Task 1: Create a folder to share

• Type Md C:\SharedDocuments and press ENTER.
f Task 2: Share the folder
Note: For the syntax of the Create() method, see Create Method of the
Win32_Share Class.
1. Type $sf = [WMICLASS]"Win32_Share" and press ENTER.

2. Type $sf.Create("C:\SharedDocuments","Docs",0) and press ENTER.
Question: Does the new share show up in Windows Explorer?
Answer: Yes. There is no difference when creating a share this way than there
is when using Windows Explorer to do so.
Question: What are the permissions on the new share?
Answer: Because they were not specified in the Create() method, the default
permissions allowing everyone to have Read permission are used.
f Task 3: Launch a new process
Note: For the syntax of the Create() method, see Create Method of the
Win32_Process Class.
1. Type $pr = [WMICLASS]"Win32_Process" and press ENTER.

2. Type $pr.Create("Notepad.exe") and press ENTER.
Results: After this exercise, you should have created a new shared folder and launched
Windows Notepad.
Exercise 3: Managing Disk Volumes in Windows PowerShell

Scenario
In this exercise, you will produce an inventory report of the disk volumes of a
computer. Your report will include information such as total size, space available,
and other information, and will be used for capacity planning. You also need to
produce reports that list all of the volumes attached to a computer, for inventory
purposes.
Exercise Overview
In this exercise, you will manage disk volumes in Windows PowerShell.
f Task 1: Report on free disk space for local disk volumes

• Type Get-WmiObject Win32_Volume -filter "drivetype=3" | Format-Table
Name,Capacity,FreeSpace –autoSize. Press ENTER.
Question: Could you modify this report to include a calculated column that
shows the percentage of free space?
Answer: It depends. On a large drive, the free space and capacity properties
are 64-bit integers because they contain potentially large numbers. Windows
PowerShell v1.0 contains a bug that prevents you from performing math
operations with 64-bit integers, so you would not be able to calculate a
percentage on a large drive.
f Task 2: Report on all volumes attached to a computer

• Type Get-WmiObject win32_volume | Select name,drivetype | Export-CSV
DriveInventory.csv. Press ENTER.
Results: After this exercise, you should have produced drive volume reports that can
be used for inventory and capacity planning purposes.
Exercise 4: Defragmenting Disk Volumes in Windows

PowerShell
Scenario
Many of the NTFS volumes that you administer at Woodgrove Bank are heavily
utilized, with files being created, modified, and deleted at a rapid rate. As such, the
allocation of clusters to the files on these volumes can quickly become fragmented.
Your manager has asked if you can automate scheduling of defragmentation of
these values based on a needed versus not needed analysis and to track the
frequency and dates of when each volume is defragmented. As the first step in
prototyping this automation, you will use WMI in Windows PowerShell to
defragment a small hard disk.
f Task 1: Defragment the E: drive

1. Type Get-WmiObject Win32_Volume | Get-Member Defrag* and press
ENTER.
2. Type Get-WmiObject Win32_Volume –filter "Name='E:\\'" |
ForEach-Object { $_.Defrag( $false ) }. Press ENTER.
Question: Is there a way to check the fragmentation of a volume before using
the Defrag() method?
Answer: Yes, by using the DefragAnalysis() method of the Win32_Volume
class.
Results: After this exercise, you should have defragmented the E drive on your virtual
machine.
Exercise 5: Managing IIS 7.0 Properties using WMI

Scenario
You are a Web server administrator for Woodgrove Bank. You need to write a set
of Windows PowerShell functions that will make it easier and faster to maintain
Web sites running under IIS 7.0.
Exercise Overview
In this exercise, students will manage IIS 7.0 properties by using WMI.

Administrator
1. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using
2. Open Windows PowerShell
f Task 2: Install IIS 7.0

1. If Server Manager is not already open, click Start, point to Administrative
Tools, and choose Server Manager.
2. In the left pane, click Roles.
3. In the right pane, in the Roles Summary, click the Add Roles link. This opens
up the Add Roles Wizard.
4. On the Before You Begin page, click Next.
5. On the Select Server Roles page, select the Web Server (IIS) check box. In the
Add Roles Wizard dialog box that comes up, click Add Required Features.
The dialog box will close automatically.
6. On the Select Server Roles page, click Next.
7. On the Web Server (IIS) page, click Next.
8. On the Select Role Services page, scroll down to the bottom of the services list.
Under Management Tools, do the following:
• IIS Management Console: This check box is already selected. Leave it
selected.
• IIS Management Scripts and Tools: Select this check box.
• Management Service: Select this check box. The Add Features Required
for Management Service dialog box pops up. Click Add Required
Features.
• IIS 6 Management Compatibility: Select this check box.
9. On the Select Role Services page, click Next.
10. On the Confirm Installation Selections page, click Install.
11. On the Installation Results page, click Close.
12. Close Server Manager.
f Task 3: Write the Get-WebSiteStatus function

1. Open Windows Explorer and open the C drive.
2. Open the Scripts folder.
3. In the right pane, right-click and point to New, then select Text Document.
5. In Notepad, open Mod8Task3.ps1. Type the following Windows PowerShell
function named Get-WebSiteStatus, pressing ENTER after each command:
Function Get-WebSiteStatus {
Param($site="Default Web Site")
$site = Get-WmiObject –namespace root\webadministration site `
–filter "name='$site'"
switch( $site.GetState().ReturnValue ){
1 { write "Started" }
2 { write "Starting" }
3 { write "Stopped" }
4 { write "Stopping" }
5 { write "Unknown" }
}
}
6. Save the file and exit Notepad.

7. In Windows PowerShell, type . C:\Scripts\Mod8Task3.ps1 and press
ENTER.
8. Type Get-WebSiteStatus "Default Web Site" and press ENTER.
Question: How could this function be made available every time that you
open Windows PowerShell?
Answer: By adding it to your Windows PowerShell profile.
f Task 4: Write the Restart-WebSite function

1. In Windows Explorer, open the C:\Scripts folder.
2. In the right pane, right-click and point to New, then select Text Document.
4. In Notepad, open Mod8Task4.ps1. Type the following Windows PowerShell
function named Restart-WebSite, pressing ENTER after each line:
Function Restart-WebSite {
Param($site="Default Web Site")
$site = Get-WmiObject –namespace root\webadministration site `
–filter "name='$site'"
$site.Stop()
$site.Start()
}
5. Save the file and exit Notepad.
6. In Windows PowerShell, type . C:\Scripts\Mod8Task4.ps1 and press
ENTER.
7. Type Restart-WebSite "Default Web Site" and press ENTER.
Results: After this exercise, you should have written two functions that help make
IIS 7.0 Web site maintenance easier.
Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™ 1
Module 9
Lab Answer Key: Administering Microsoft®
Active Directory® with Windows PowerShell™
Contents:
Exercise 1: Managing Active Directory Domain and Forest Properties 2
Exercise 2: Maintaining Active Directory with ADSI 4
Exercise 3: Maintaining Relationships in Active Directory with ADSI 7
Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager
Class 8
2 Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™
Lab: Administering Active

Directory with Windows
PowerShell
Logon Information:
Exercise 1: Managing Active Directory Domain and Forest

Properties
Scenario
You are an administrator for Woodgrove Bank who is responsible for systems
security. You and your IT director are concerned about maintaining adequate
password policies, because many bank computers, such as those used for teller
access, are near public view. You have heard reports of security breaches at other
banks due to weak password security. You need to create a report that displays the
password policies for your Active Directory domain.
Exercise Overview
In this exercise, students will manage Active Directory domain and forest
properties.

Administrator
f Task 2: Obtain a reference to the domain

• Type $domain =
[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().
Then press ENTER.
Task 3: Display domain password policy properties

1. Type $domain.GetDirectoryEntry() | Get-Member and press ENTER.
2. Type $domain.GetDirectoryEntry().minPwdLength and press ENTER.
3. Type $domain.GetDirectoryEntry().pwdHistoryLength and press ENTER.
4. Type $domain.GetDirectoryEntry().maxPwdAge and press ENTER.
Question: Why does maxPwdAge not show?
Answer: The MaxPwdAge property is not simply a value. Rather, it is a COM
interface in and of itself. You can verify this by running
$domain.GetDirectoryEntry().maxPwdAge | Get-Member. Because of the
way that the .NET Framework exposes this kind of object to Windows
PowerShell, you might not always be able to retrieve values for every object
property.
Results: After this exercise, you should have displayed the domain password policies
for your domain.
Exercise 2: Maintaining Active Directory with ADSI

Scenario
You are a directory administrator for Woodgrove Bank. Each week, the company
provides you with a text file that lists new employees and the branches that they
work in. The file is in comma-separated values (CSV) format. You need to use the
file to create new Active Directory user accounts. You have chosen to use the CSV
import capabilities and the ADSI type accelerator in Windows PowerShell to
accomplish this.
Exercise Overview
In this exercise, students will maintain Active Directory objects using ADSI in
Windows PowerShell.
f Task 1: Write a script that creates an organizational unit

1. Click Start, click Run, type Notepad, and click OK.
2. In the file, type the following information:
$dom = [ADSI]"LDAP://dc=woodgrovebank,dc=com"
$ou = $dom.Create( "organizationalUnit", "ou=Tellers" )
$ou.SetInfo()
3. From the File menu, select Save As.
4. Type C:\Scripts\Tellers.ps1 and click OK.
5. Close Notepad.
6. In Windows PowerShell, run the script by typing:
C:\Scripts\Tellers.ps1
f Task 2: Create a sample CSV file

1. Ensure that the folder C:\Scripts exists.
FullName,LogonName,Branch
Jesper Aaberg,Jesper,New York City
Syed Abbas,Syed,Seattle
5. Type C:\Scripts\Users.csv and click Save.
6. Close Notepad.
f Task 3: Write a script that imports the CSV file and creates user
accounts
$users = Import-Csv c:\scripts\users.csv
$ou = [ADSI]"LDAP://ou=Tellers,dc=woodgrovebank,dc=com"
foreach ($user in $users) {
$cn = "cn=" + $user.fullname
$account = $ou.create("user",$cn)
$account.put("SAMAccountName",$user.logonname)
$account.put("Department",$user.branch)
$account.setinfo()
}
4. Type C:\Scripts\Users.ps1 and click Save.
5. Close Notepad.
6. In Windows PowerShell, type C:\Scripts\Users.ps1 and press ENTER.
Question: Why are the user accounts disabled by default?
Answer: This is a default behavior of Windows Server 2008. It is designed so
that user accounts cannot actually be used until they are explicitly enabled.
This approach creates a more secure-by-default environment.
Results: After this exercise, you should have written a script that reads a CSV file and
uses the information in it to create new user accounts.
Exercise 3: Maintaining Relationships in Active Directory

with ADSI
Scenario
At Woodgrove Bank, corporate reorganizations seem to be a fairly regular exercise.
Even without such reorganizations, the turnover rate for some of the bank jobs
seems to be going for a world record, and promotions in the branch offices seem to
occur every month. As a directory administrator supporting the Human Resources
department, you need to maintain up-to-date manager and direct report
information for the enterprise. Each time that a new person is promoted or hired to
a manager position, people who report directly to that person need to be updated
in the directory. As an Active Directory administrator, you are responsible for
maintaining reporting hierarchy information for the organization. You regularly
update the manager attribute for several users in the Woodgrove Bank Active
Directory domain. You decide to start by configuring the user accounts for workers
in the Seattle branch with the appropriate manager.
Exercise Overview
In this exercise, students will manage relationships between user accounts and
groups using ADSI in Windows PowerShell.
f Task 1: Retrieve the user account of the new manager

1. Type $mgr = [adsi]"LDAP://cn=Kristian
Gotsch,ou=Executives,dc=woodgrovebank,dc=com" , then press ENTER.
2. Type $mgrname = $mgr.distinguishedname.psbase.value and press ENTER.
f Task 2: Update the accounts of selected users

1. In Windows PowerShell, change to the directory containing the Getuser.ps1
and Setuser.ps1 scripts. For example, if the location is E:\Democode, then
type Cd E:\Democode and press ENTER.
2. Within Windows PowerShell, type . ./Getuser.ps1 and press ENTER.
Note: It is important to use dot sourcing when running the getuser.ps1 script
because the Get-User function in that script is not defined with global scope. Be
careful to place a space between the first and second dots. Additionally, note that
the name of the script is intentionally different than the function that it defines.
The script is named getuser.ps1 whereas the function is named Get-User. The
same guidelines also apply to setuser.ps1.
3. Within Windows PowerShell, type . ./Setuser.ps1 and press ENTER.

4. Type Get-User '*' | ? { $_.department -eq "Seattle" } | Set-User
"manager=${mgrname}" and press ENTER.
Results: After this exercise, you should have updated two user accounts to have a new
manager attribute.
Exercise 4: Managing IIS 7.0 with the .NET

Web.Administration.ServerManager class
Scenario
You are a Web server administrator for Woodgrove Bank. For security reasons,
new promotions and new products need to be published to separate Web sites that
are distinct from the regular Web sites for the bank. Because these new promotions
come out regularly, new Web sites need to be created frequently. You want to write
a Windows PowerShell script that automates the creation of new IIS 7.0 Web sites.
Exercise Overview
In this exercise, students will manage IIS 7.0 by using the .NET
Web.Administration.ServerManager class.
f Task: Write a Windows PowerShell script that creates a new Web site
1. In Windows Explorer, on the C drive, create a new folder called inetpub. In
the inetpub folder, create a subfolder called wwwroot2.
2. Open Notepad. Write a script that accepts the following parameters,
remembering to press ENTER after each command:
Param($dir,$name,$port)
$iisDir = "$env:SystemRoot\System32\inetsrv"
[System.Reflection.Assembly]::LoadFrom(
"$iiSDir\Microsoft.Web.Administration.dll" )
$iisManager = New-Object Microsoft.Web.Administration.ServerManager
$site = $iisManager.Sites.Add( $name, $dir, $port )
$site.Sites($name).ServerAutoStart = $True
$iisManager.CommitChanges()
3. Save the script as C:\Scripts\NewSite.ps1. Exit Notepad.
4. In Windows PowerShell, type C:\Scripts\NewSite c:\inetpub\wwwroot2
MyWeb 8080 and press ENTER.
5. Click Start, click Run, type http://localhost:8080, and click OK.
Question: How could this script be made part of a larger Web site
provisioning script?
Answer: Encapsulate the script in a function named New-WebSite, and
include the function in any other script that requires this functionality.
Results: After this exercise, you should have created a script that automates the
creation of new IIS 7.0 Web sites.
Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM 1
Module 10
Lab Answer Key: Administering Group Policy in
Windows PowerShell™ Using COM
Contents:
Exercise 1: Retrieving a GPO by Using a COM Object 2
Exercise 2: Copying Group Policy Settings 4
Exercise 3: Backing Up and Restoring a GPO 5
Exercise 4: Generating Group Policy Reports 7
2 Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM
Lab: Administering Group Policy in

Windows PowerShell
Logon information:
Exercise 1: Retrieving a GPO by Using a COM Object

Scenario
You are a directory administrator for Woodgrove Bank. You need to use Windows
PowerShell to retrieve a Group Policy object (GPO) from Active Directory so that
you can perform several management tasks that use the GPO.
Exercise Overview
In this exercise, you will use COM objects in Windows PowerShell.

Administrator
2. Open Windows PowerShell
f Task 2: Retrieve the GPO that has the display name GPO1 and store it
in a variable
• Type the following commands, making sure to press ENTER after each:
$gpmc = New-Object –comObject GPMgmt.Gpm
$domain = $gpmc.GetDomain("woodgrovebank.com","","")
$gpo1 = $domain.CreateGPO()
$gpo1.DisplayName = "GPO1"
$sc = $gpmc.CreateSearchCriteria()
$all = $domain.SearchGPOs($sc)
$gpo = $all | Where-Object { $_.DisplayName –eq "GPO1"}

$gpo
Note: The value of $gpo must be defined for the following exercises to be
completed successfully.
Results: After this exercise, you should have retrieved the GPO named GPO1 and
stored it in the variable $gpo.
Exercise 2: Copying Group Policy Settings

Scenario
You are a directory administrator for Woodgrove Bank. You need to make a copy
of an existing GPO to form the basis for a new GPO. This approach is typically
used when a department needs settings that are similar to those of another
department that already has a useful GPO, but linking is not appropriate because
the two departments need to maintain different policy settings throughout their life
cycle.
Exercise Overview
In this exercise, students will copy Group Policy settings from one GPO to another.
f Task 1: Copy the Group Policy object GPO1 to GPO3

• Type $gpo.CopyTo(0,$domain,"GPO3") and press ENTER.
Question: When you copied the GPO, were its settings also copied?
Answer: Yes. You can verify this in the Group Policy Management Console by
opening GPO3 and browsing to Computer Configuration, Policies,
Windows Settings, Security Settings, Password Policy. Note that the
Password History setting is enabled because it was copied from GPO1.
Results: After this exercise, you should have copied GPO1 to GPO3.
Exercise 3: Backing Up and Restoring a GPO

Scenario
You are a directory administrator for Woodgrove Bank. You need to back up a
GPO, and test your ability to restore it. You use this feature most often to move
GPOs back and forth from your test environment to your production environment.
Exercise Overview
In this exercise, students will back up and restore GPOs.
f Task 1: Back up the GPO1 GPO

• Type the following commands, pressing ENTER after each:
Mkdir C:\GPOBackup
$gpo.Backup("C:\GPOBackup","GPO1Backup")
f Task 2: Delete the GPO1 GPO

1. Click Start, point to Administrative Tools, and click Group Policy
Management Console.
2. Expand the forest and domain until you see the Group Policy Objects folder.
3. Select the Group Policy Objects folder.
4. Select the GPO named GPO1 and press DELETE.
5. Click Yes to confirm deletion, and then click OK.
6. Close the Group Policy Management Console.
f Task 3: Restore the GPO1 GPO

• Type the following commands, pressing ENTER after each:
$directory = $gpmc.GetBackupDir("C:\GPOBackup")
$sc = $gpmc.CreateSearchCriteria()
$constants = $gpmc.GetConstants()
$backups = $directory.SearchBackups($sc)
$backup = $backups | Where-Object { $_.GPODisplayName –eq "GPO1" }
$domain.RestoreGPO($backup,$constants.DoNotValidateDC)
Question: When you restore a GPO, is it re-linked to its original containers in
the directory?
Answer: No. Although the GPO itself is backed up and can be restored, that
backup does not include the locations where the GPO was linked. Link
information is stored in the directory and must be backed up and restored as
part of the directory.
Results: After this exercise, you should have backed up, deleted, and restored a GPO.
Exercise 4: Generating Group Policy Reports

Scenario
You are a directory administrator for Woodgrove Bank. You need to restore a GPO,
but prior to doing so you need to generate a report describing the contents of the
GPO. You want the report to be in HTML format.
Exercise Overview
In this exercise, you will generate Group Policy change reports.
f Task 1: Create an HTML report of the backed-up GPO named GPO1

1. Type the following commands, pressing ENTER after each:
$report = $backup.GenerateReport($constants.ReportHTML)
$report.result | Out-File C:\GPOBackup\GPO1.html
2. Click Start, click Run, type iexplore c:\GPOBackup\GPO1.html, and click
OK.
Results: After this exercise, you should have viewed an HTML report of a backed-up
GPO.

6434A ENU LabManual

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

6434A ENU LabManual

Hochgeladen von

Copyright:

Verfügbare Formate

OFFICIAL MICROSOFT LEARNING PRODUCT

Administration with Windows

Technical Reviewer: Trevor Barry

Product Number: 3639

Part Number C90-06038

Lab: Implementing Windows PowerShell

Exercise 1: Installing Windows PowerShell

f Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as

f Task 2: Verify that the Windows PowerShell system requirements are

f Task 3: Install Windows PowerShell

Exercise 2: Customizing Windows PowerShell

2. Customize the appearance of the Windows PowerShell console window.

f Task 1: Set the script execution policy

f Task 2: Customize the appearance of the Windows PowerShell console

Lab: Working with Windows PowerShell

Exercise 1: Learning Cmdlets and Defining Aliases

1. Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start

f Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as

f Task 2: Identify the cmdlets that perform a specific task

f Task 3: Create an alias

Exercise 2: Holding the Output of a Cmdlet

f Task 1: Obtain the currently running processes and store them in a

f Task 2: Display the processes stored in a variable

Lab: Implementing Pipelines in

Exercise 1: Evaluating Process Properties Using the

1. Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start

f Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as

f Task 2: Identify specific properties of a Process object

Exercise 2: Calculating Process Memory Usage

f Task 1: Display memory utilization statistics for running processes

Exercise 3: Using Associative Array Variables

f Task 1: Create an associative array and populate it with values

f Task 2: Display specified members of an associative array

Exercise 4: Sorting and Selecting Elements from a

3. Select a subset of the available processes.

f Task 1: Sort processes into the desired order

f Task 2: Select the desired properties of a process

f Task 3: Select a subset of the available processes

Lab: Output Formatting and Process Control

Exercise 1: Implementing Basic Formatting Control

3. Format event log entries in a list.

f Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as

f Task 2: Format services in a table

f Task 3: Format event log entries in a list

f Task 4: Format processes in a wide list

Exercise 2: Formatting with the -f Operator

f Task 1: Insert data into a string

f Task 2: Insert numerically formatted data into a string

process. Display the virtual memory in megabytes, formatted as a number with

f Task 3: Insert date-formatted data into a string

Exercise 3: Implementing Advanced Formatting

f Task 1: Prototype a calculated column using the -f operator

f Task 2: Create a table that contains a calculated column

Lab: Implementing Scripts in Windows

Exercise 1: Writing and Running a Script

f Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as

f Task 2: Create an empty script file

f Task 3: Add Windows PowerShell commands to the script

f Task 4: Run the script and verify its operation

Exercise 2: Customizing Profiles

f Task 1: Create a blank profile script

f Task 2: Add commands to the profile

f Task 3: Test the profile and verify its operation