Archive

Author Archive

Function: Test-InvalidCerts – Ensuring Certificates Are In The Correct Certificate Store

March 17th, 2017 8 comments

I learned some very valuable lessons on my first Lync Server deployment. If Lync doesn’t work, it’s probably certificate related. That’s still the case with Skype for Business. Simple certificate issues can cause all kinds of problems. That’s why I’ve written about them in Lync Users Can’t Download Address Book if Certificate Uses CNG and One Liner: Add Trusted Root Cert Authorities to Edge Servers (among others). Today I again saw another issue around McAfee solutions and Front End services not starting (see An intermediate certificate is installed under “Trusted Root Certification Authorities” for more info). Turns out some certificates are in the wrong certificate store. An example would be an intermediate certificate improperly placed in the ‘Trusted Root Certification Authorities’. The solution is to just move the cert into the correct store. But rather than manually looking at each one, surely there is a way to check them all and move them to the right store! Well, Shirley (see what I did there?), there is.

Here is a simple function that checks both the intermediate and trusted root stores for certificates that should be in the opposite store. If it finds them, it will move them. Run this in an elevated PowerShell session.

function Test-InvalidCert {
  <#
  .SYNOPSIS
    Checks root and intermediate certificate stores for certificates in the wrong store & moves them to the correct store.

  .DESCRIPTION
    Checks root and intermediate certificate stores for certificates in the wrong store & moves them to the correct store. Certificates in the wrong store can be very problematic for Lync Server and Skype for Business Server.

  .NOTES
    Version               : 1.2
    Wish list             : 
    Rights Required       : Local administrator on server
    Sched Task Required   : No
    Lync/Skype4B Version  : N/A
    Author/Copyright      : © Pat Richard, Office Servers and Services (Skype for Business) MVP - All Rights Reserved
    Email/Blog/Twitter    : pat@innervation.com  https://ucunleashed.com  @patrichard
    Donations             : https://www.paypal.me/PatRichard
    Dedicated Post        : https://ucunleashed.com/3903
    Disclaimer            : You running this script means you won't blame author(s) if this breaks your stuff. This script is
                            provided AS IS without warranty of any kind. Author(s) disclaim all implied warranties including,
                            without limitation, any implied warranties of merchantability or of fitness for a particular
                            purpose. The entire risk arising out of the use or performance of the sample scripts and
                            documentation remains with you. In no event shall author(s) be liable for any damages whatsoever
                            (including, without limitation, damages for loss of business profits, business interruption,
                            loss of business information, or other pecuniary loss) arising out of the use of or inability
                            to use the script or documentation. Neither this script, nor any part of it other than those
                            parts that are explicitly copied from others, may be republished without author(s) express written 
                            permission.
    Acknowledgements      :
    Assumptions           : ExecutionPolicy of AllSigned (recommended), RemoteSigned, or Unrestricted (not recommended)
    Limitations           :
    Known issues          : None yet, but I'm sure you'll find some!

  .LINK
    
Function: Test-InvalidCerts – Ensuring Certificates Are In The Correct Certificate Store
.EXAMPLE .\Test-InvalidCerts.ps1 Description ----------- Checks root and intermediate store for certs in the wrong store & moves them to the proper store. .INPUTS None. You cannot pipe objects to this script. #> [CmdletBinding(SupportsPaging)] param( ) # end of param block process{ Write-Verbose -Message 'Checking for improper certs in root store' $InvalidCertsInRoot = Get-Childitem -Path cert:\LocalMachine\root -Recurse | Where-Object {$_.Issuer -ne $_.Subject} if ($InvalidCertsInRoot){ Write-Verbose -Message ('{0} invalid certificates detected in Root Certificate Store' -f $InvalidCertsInRoot.count) ForEach ($cert in $InvalidCertsInRoot){ Write-Verbose -Message ('Moving `"{0}`" to intermediate certificate store' -f $cert.subject) Move-Item -Path $cert.PSPath -Destination Cert:\LocalMachine\CA } }else{ Write-Verbose -Message 'No invalid certs found in Root Certificate Store' } $InvalidCertsInInt = Get-Childitem -Path cert:\LocalMachine\Ca -Recurse | Where-Object {$_.Issuer -eq $_.Subject} if ($InvalidCertsInInt){ Write-Verbose -Message ('{0} invalid certificates detected in Intermediate Certificate Store' -f $InvalidCertsInInt.count) ForEach ($cert in $InvalidCertsInInt){ Write-Verbose -Message ('Moving `"{0}`" to root certificate store' -f $cert.subject) Move-Item -Path $cert.PSPath -Destination Cert:\LocalMachine\Root } }else{ Write-Verbose -Message 'No invalid certs found in Intermediate Certificate Store' } } } # end function Test-InvalidCert

All output is verbose, so if you want to see what it’s doing, run the function with -Verbose.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Categories: PowerShell Tags:

Using PowerShell to Add “Open PowerShell Here” and “Open Command Prompt Here” to Explorer Context Menus

February 17th, 2017 No comments

Description

I recently reloaded my primary workstation. When I do that, I run my PowerShell profile file manually once, and it configures quite a few things, including dot sourcing that same file into the main profile file, which it also creates. When I was all done, I realized I didn’t have the “Open PowerShell Here” options when right clicking in Windows Explorer. Being old and forgetful, I did some searching and was quite surprised (and disappointed) that every method for setting this was either using an .inf file, a .reg file, or manually editing the registry. What a travesty that no one was showing how to do it via PowerShell. So a bottle of Mountain Dew Throwback and some Pink Floyd was all I needed.

The right-click options can be visible in three different places. The first is when you right-click a folder. Second is when you right-click a root drive. And the third is when you right-click the background in Explorer. The method I’ll be showing here will include setting the option for all three. Additionally, I’ll show how to add an option to open an elevated PowerShell session, as well as a command prompt. When finished, you’ll end up with something like this:

All options are configured in the HKEY_CLASSES_ROOT hive of the registry. The folder level option resides under \Directory\shell; the root drive option resides under \Drive\shell; and the Explorer background option resides under \Directory\Background\shell. For each, we create a new key with a unique name for each of the options (PowerShell, PowerShell elevated, cmd prompt), some values for the display text and icon, and a sub key with a value that shows what commands will run when executed. This is easily accomplished using the New-Item and New-ItemProperty cmdlets in an elevated PowerShell session.

Add “Open PowerShell Here”

#folders
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null
#background
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null
#root drives
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null

Add “Open PowerShell Here (Admin)”

#folders
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','Set-Location','''%L'''" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null
#background
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','Set-Location','''%V'''" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null
#root drives
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','Set-Location','''%L'''" -Force | Out-Null
New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null

Add “Open Command Prompt Here”

#folders
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null
#background
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null
#root drives
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
New-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null

Now we can put that all together, and add some checks to ensure the settings are not already configured, to avoid errors.

# folders
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','cd','%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere")){
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
    New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null
}

# Explorer background
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','cd','%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere")){
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
    New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null
}

# root drives
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Value "Open PowerShell Here" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere\command" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location '%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin")){
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Value "Open PowerShell Here (Admin)" -Force | Out-Null
    New-Item -ItemType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin\command" -Value "PowerShell -Command `"Start-Process $env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe`" -verb runAs -ArgumentList '-NoExit','cd','%V'" -Force | Out-Null
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Name "Icon" -Value "$env:SystemRoot\system32\WindowsPowerShell\v1.0\powershell.exe,1" -Force | Out-Null
}
if(-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere")){
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere" -Value "Open Command Prompt Here" -ItemType string -Force | Out-Null
    New-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere\command" -Value 'cmd.exe /k pushd %L' -ItemType string -Force | Out-Null
    New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdHere" -Name "Icon" -Value "C:\Windows\System32\cmd.exe,0" -Type string -Force | Out-Null
}

Since the file that’s dot sourced in my PowerShell profile is shared among all of my machines, I tossed the above code in it to ensure that all machines are configured this way, and to ensure that if I reload one of them, it gets reconfigured with no additional work.

Moving to sub-menu

If your right-click menu is already full of other options, and you’d rather have them on a menu when you hit SHIFT+Right Click, that’s easy. We add a property called “extended”, with an empty value, to the key for each option. We can do them all at once using this code (after running the above code first):

#folders
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdPromptHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdPromptHere" -Name "extended" -Value $null | Out-Null
}

#background
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdPromptHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdPromptHere" -Name "extended" -Value $null | Out-Null
}

#root drives
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Name "extended" -Value $null | Out-Null
}
if(-Not (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdPromptHere" -Name "extended")){
    New-ItemProperty -PropertyType String -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdPromptHere" -Name "extended" -Value $null | Out-Null
}

Removing the options

If you decide you’re not a fan of the options, removing them is really easy using the Remove-Item cmdlet.

#folders
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHere" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\PowerShellHereAdmin" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdPromptHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\shell\CmdPromptHere" -Recurse -Confirm:$False
}

#background
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHere" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellHereAdmin" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdPromptHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Directory\Background\shell\CmdPromptHere" -Recurse -Confirm:$False
}

#root drives
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHere" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\PowerShellHereAdmin" -Recurse -Confirm:$False
}
if(Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdPromptHere"){
    Remove-Item -Path "Registry::HKEY_CLASSES_ROOT\Drive\shell\CmdPromptHere" -Recurse -Confirm:$False
}

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

 

Categories: PowerShell Tags:

PowerShell Default Parameter Values – Time to Tweak Your Profile Again!

January 18th, 2017 No comments

One of the great things about a PowerShell profile is you get to customize the environment. One nice feature to accomplish this is the ability to set default parameter values for cmdlets. A great write-up about this is available at About Parameters Default Values. You can see similar info by running get-help about_Parameters_Default_Values. I’m not going to go into great detail about the feature, as those two resources are more than sufficient. What I am going to list here are some great examples that I’ve come to love. They are all in my profile.

This first example if my favorite. When you use the Get-Help cmdlet, the resulting info is shown in a popup window. This is great as I can keep it open while I work on my code in the main console window.

$PsDefaultParameterValues.add("Get-Help:ShowWindow",$True)

If you’re an OCD type like me, you want output of commands to be formatted and everything to line up. This example defaults the Format-Table cmdlet to autosize its output.

$PsDefaultParameterValues.add("Format-Table:AutoSize",$True)

We can actually set this behavior for both Format-Wide and Format-Table at the same time (courtesy of TechNet):

$PSDefaultParameterValues.add("Format-[wt]*:Autosize",$True)

How about we capture the output of the last PowerShell command into a variable, such as $0 (courtesy of TechNet):

$PSDefaultParameterValues.add("Out-Default:OutVariable",“0”)

If you can’t tell by my other articles and scripts here, I spend a lot of time writing scripts to help in deployments, migrations, etc. When you’re getting or setting data in Active Directory, the last thing you want is for replication (intersite or intrasite) to be an issue. So, when possible, you specify a specific domain controller to send all of your commands together. This example comes from serverfault:

$PSDefaultParameterValues = @{"*-AD*:Server"='YOUR-CHOSEN-DC'}

Now that’s not completely perfect, as it would have a hard coded DC name. And just our luck, it will be migrated out of existence and then our stuff breaks. So, let’s set a default parameter value with the result of a PowerShell query. In this case, a DC in the same site for each of our Lync/Skype for Business cmdlets that support the Server parameter:

$PSDefaultParameterValues.add("*-Cs*:Server",(Get-ADDomainController -Discover -NextClosestSite))

Or maybe you want to specify the PDC emulator instead? (courtesy Tommy Maynard)

$PSDefaultParameterValues.Add("Get-ADPrincipalGroupMembership:Server",$((Get-ADDomain).PDCEmulator))

Or, we can use a variable. Let’s say we assign $DC to a DC in the same site, and then use that going forward:

$dc = Get-ADDomainController -Discover -NextClosestSite
$PSDefaultParameterValues.add("*-AD*:Server","$dc")
$PSDefaultParameterValues.add("*-Cs*:Server","$dc")

Now, how many times do you get the “Are you sure” prompt? Force the command instead of getting prompted!

$PSDefaultParameterValues['*:Force']= $true

Fellow MVP Boe Prox also has a great list of examples on his post Using $PSDefaultParameterValues in PowerShell. Check it out!

Now, you can list each of these, or any combination, in your profile, each on a separate line. Or, we can use an array to set all at one time:

$PSDefaultParameterValues=@{
'Format-Table:AutoSize'=$True;
'Get-Help:ShowWindow'=$True;
'Send-MailMessage:SmtpServer'=$smtpserver
}

Something to keep an eye on here. In previous examples, I was using the $PSDefaultParameterValues.add method which ADDS the value to the existing list. If you omit the “.add” and instead use “=” or “=@{}”, you are replacing all existing values with what you specify. Additionally, you can use the $PSDefaultParameterValues.remove method to remove specific parameter values and keep any remaining values. An example of removing a single default parameter value:

$PsDefaultParameterValues.remove("Get-Help:ShowWindow",$True)

Are all of these changes permanent? No. They are valid for the life of the PowerShell session. If you need to remove them mid-session, you can clear them using:

$PsDefaultParameterValues.clear()

Defining default parameter values can also be defined at various scopes, as well, including Global, Script, etc. See Get-Help about_Scope for more info.

I mentioned at the beginning that these are great in your profile. Well, they’re great in your scripts as well. They allow for global changes instead of going through a script and updating each call to a cmdlet. By all means, send me your favorites. We’ll build a big list!

Categories: PowerShell Tags: ,

All Skype for Business 2015 Cmdlets and the Default RBAC Roles That Can Use Them

December 23rd, 2016 No comments

Description

In All Lync 2013 Cmdlets and the Default RBAC Roles That Can Use Them and the corresponding 2010 version, I show a table that lists every cmdlet available in a fully patched Lync server environment, and the default permissions for each of the default RBAC roles. Doing one for Skype for Business was always on my list, but I never really got around to it until a visitor recently noted that some of the RBAC permissions changed for existing cmdlets when compared to the Lync Server 2013 list. So I figured it was time to do a new one. The previous versions were all manually created – every row. That was extremely laborious, taking many hours. This time around I automated the info gathering using (what else), PowerShell. This gave me all of the data in a .csv file, and three minutes of styling in Excel, and presto!

One thing I did notice is that there is a small group of cmdlets that don’t yet have a description, synopsis, uri, etc. So you’ll see those blank cells highlighted in bright red for now. I’ve reached out to the Product Group for info on when that info will be available. As soon as I have an answer, I’ll get it posted here.

So the spreadsheet is available below, but what good would a blog article be without some PowerShell code? So here’s the code I came up with to create the spreadsheet.

$objectCollection = @()
foreach ($cmdlet in (Get-Command -Module SkypeForBusiness | Sort-Object Name)){
    Write-Output $cmdlet
    $cmdletHelp = $(Get-Help $cmdlet)
    [string] $Synopsis = $cmdletHelp.Synopsis
    [string] $URI = (($cmdletHelp.relatedLinks.navigationLink | Where-Object {$_.linkText -match "Online Version"}).uri) -replace "EN-US/",""
    [string] $RBAC = "Get-CsAdminRole | Where-Object {`$`_.Cmdlets `–imatch `"$cmdlet`"}"
    $rbacroles = Get-CsAdminRole | Where-Object {$_.Cmdlets –imatch "$cmdlet"}

    [bool] $RbacCSAdministrator = $rbacroles.identity -icontains "CSAdministrator"
    [bool] $RbacCSVoiceAdministrator = $rbacroles.identity -icontains "CSVoiceAdministrator"
    [bool] $RbacCSUserAdministrator = $rbacroles.identity -icontains "CSUserAdministrator"
    [bool] $RbacCSResponseGroupAdministrator = $rbacroles.identity -icontains "CSResponseGroupAdministrator"
    [bool] $RbacCSLocationAdministrator = $rbacroles.identity -icontains "CSLocationAdministrator"
    [bool] $RbacCSArchivingAdministrator = $rbacroles.identity -icontains "CSArchivingAdministrator"
    [bool] $RbacCSViewOnlyAdministrator = $rbacroles.identity -icontains "CSViewOnlyAdministrator"
    [bool] $RbacCSServerAdministrator = $rbacroles.identity -icontains "CSServerAdministrator"
    [bool] $RbacCSHelpDesk = $rbacroles.identity -icontains "CSHelpDesk"
    [bool] $RbacCSResponseGroupManager = $rbacroles.identity -icontains "CSResponseGroupManager"
    [bool] $RbacCSPersistentChatAdministrator = $rbacroles.identity -icontains "CSPersistentChatAdministrator"

    $object = New-Object –Type PSObject
    $object | Add-Member –Type NoteProperty –Name Cmdlet -Value $cmdlet
    $object | Add-Member –Type NoteProperty –Name Description -Value $Synopsis
    $object | Add-Member –Type NoteProperty –Name Uri -Value $URI
    $object | Add-Member –Type NoteProperty –Name Validate -Value $rbac
    $object | Add-Member –Type NoteProperty –Name CSAdministrator -Value $RbacCSAdministrator
    $object | Add-Member –Type NoteProperty –Name CSArchivingAdministrator -Value $RbacCSArchivingAdministrator
    $object | Add-Member –Type NoteProperty –Name CSHelpDesk -Value $RbacCSHelpDesk
    $object | Add-Member –Type NoteProperty –Name CSLocationAdministrator -Value $RbacCSLocationAdministrator
    $object | Add-Member –Type NoteProperty –Name CSPersistentChatAdministrator -Value $RbacCSPersistentChatAdministrator
    $object | Add-Member –Type NoteProperty –Name CSResponseGroupAdministrator -Value $RbacCSResponseGroupAdministrator
    $object | Add-Member –Type NoteProperty –Name CSResponseGroupManager -Value $RbacCSResponseGroupManager
    $object | Add-Member –Type NoteProperty –Name CSServerAdministrator -Value $RbacCSServerAdministrator
    $object | Add-Member –Type NoteProperty –Name CSUserAdministrator -Value $RbacCSUserAdministrator
    $object | Add-Member –Type NoteProperty –Name CSViewOnlyAdministrator -Value $RbacCSViewOnlyAdministrator
    $object | Add-Member –Type NoteProperty –Name CSVoiceAdministrator -Value $RbacCSVoiceAdministrator
    $objectCollection += $object
}
$objectCollection | Export-Csv -Path $env:UserProfile\desktop\SfB2015cmdlets.csv -NoTypeInformation -Encoding UTF8

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Download

v1.0 – 12-23-2016 – SkypeForBusiness2015cmdlets.xlsx

Function: Remove-IisLogFile – Purging Old IIS Log Files with PowerShell

November 21st, 2016 No comments

PowerShell-logo-128x84If you’re not careful, your server running IIS can create a LOT of logs. The default location for logs is in a sub-folder for the specific web site in c:\inetpub\logs\logfiles\. You can imagine the problems that will happen when your OS drive fills up with logs… things tend to not go so well, and the phone starts to ring. We can’t really just disable logging, as log files are an invaluable resource used in troubleshooting, planning, and maintenance.

Ryan over at Ryadel wrote a great article on adjusting the logging for IIS to be a little more helpful, and to minimize bloat. But we still need to watch for the accumulation of logs and the disk space they take. Ryan includes a two-line method of cleaning up the files in a single IIS site. But some servers, such as Lync and Skype for Business front end servers, have multiple web sites defined. I’ve taken Ryan’s method a bit further by incorporating an idea presented in a Stack Overflow thread, tweaked it a bit, and now we have some code that will clean up all log files that are older than 180 days for all websites on a server. Obviously, that time frame can be adjusted. Here it is the simple method:

Import-Module WebAdministration
$start = (Get-Date).AddDays(-180) 
foreach($WebSite in $(Get-WebSite)) {
  $logFile = "$($Website.logFile.directory)\w3svc$($website.id)".replace("%SystemDrive%",$env:SystemDrive)
  if (Test-Path $logfile){
    Get-ChildItem -Path "$logFile\*.log" | Where-Object {$PSItem.LastWriteTime -lt $start} | Remove-Item -Force
    # Write-Output "$($WebSite.name) [$logfile]"
  }
}

By adjusting the number at the end of the second line, we tailor the maximum age of the logs. In the above example, we’re keeping 180 days of them. We could put that code into a script and call it with a scheduled task to automate the cleanup, essentially creating a self-cleaning server. We can also wrap that code into a function and toss it into the PowerShell profile on the web server, allowing us to run it whenever we need to:

function Remove-IisLogFile{
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline, ValueFromPipelineByPropertyName)]
        [int] $age = 180
    )
    Import-Module WebAdministration
    $start = (Get-Date).AddDays(-$age) 
    foreach($WebSite in $(Get-WebSite)) {
      $logFile = "$($Website.logFile.directory)\w3svc$($website.id)".replace("%SystemDrive%",$env:SystemDrive)
      if (Test-Path $logfile){
        Get-ChildItem -Path "$logFile\*.log" | Where-Object {$PSItem.LastWriteTime -lt $start} | Remove-Item
        # Get-ChildItem -Path "$logFile\*.log" | Where-Object {$PSItem.LastWriteTime -lt $start}
        Write-host "$($WebSite.name) [$logfile]"
      }
    }
}

Then we can call it, optionally specifying the age of the log files we want to purge using the -age parameter. I incorporate the Test-Path code to ensure we’re not throwing an error for a website that is stopped and has never run. This is often the case in the aforementioned Lync/Skype for Business servers, where the default web site is disabled.

As you can see, PowerShell can be great at making sure your servers don’t get packed full of log files, while still maintaining enough logs to be helpful.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Script: Set-CsFeatures.ps1 – Easily Install Prerequisites and Tools for Lync Server 2013 and Skype for Business Server 2015

October 24th, 2016 21 comments

skype_for_business_secondary_blue_rgbDescription

Installing Skype for Business and Lync servers is usually boring if you’re a consultant who does it often. Making sure the server specs are right, installing OS features, configuring NICs, etc. It’s even more boring if you’re building a bunch of servers at one time. There’s always a chance for human error, too. So why not automate as much as possible? That’s what I was after when I built the Lync Server 2010 prereq script, then the Lync Server 2013 prereq script. And it’s certainly what I’m after for Skype for Business Server 2015. This time, however, I opted to not have a separate script for Skype for Business. Many of the requirements are the same, or just slightly different, than Lync Server 2013. So I just added the SfB functionality to the 2013 script, and updated everything as a whole.

When calling the script, one only needs to specify the –Skype4b switch to put the script into “Skype for Business mode”. Not specifying that switch cause a pop-up to appear, asking what mode you’d like. The menus don’t change based on what mode the script is in. Options for only one platform are clearly noted. Otherwise, the options automatically adjust for the platform you’ve chosen. The menu starts out with core prerequisite options for common Lync/SfB roles, followed by Microsoft tools and resources, some third-party tools and options, and then some sub-menus. Sub-menus are broken down by Misc server config, Desktop shortcuts, Taskbar shortcuts, Downloads, and Security options. As you can see, there are TONS of options. I’m not going to list every menu and option here, as the nature of the script means I’ll be adding/updating things as people request them, or as vendors update/alter their offerings. Just note that the options from the 2013 script have been moved around a little bit as I try to keep things organized.

This version also uses my new method of checking for updates, as mentioned in Function: Get-UpdateInfo – Making It Easy for Your Users to Get the Latest Version of Your Scripts. When a new version is available, you’ll get a pop-up notifying you.

If you’re aware of a third-party product, or even Microsoft product, that is a good match for Skype for Business servers, let me know. I’m happy to take a look and see if it would make a good addition to the script.

Super big thanks to my beta testers for supplying bug reports, suggestions, and comments.

Syntax

C:\Set-CsFeatures.ps1 [-TargetFolder <String>] [-WindowsSource <String>] [-SQLPath <String>] [-InitialMenuOption <Int32>] [-IncludeSSMS] [-IncludeTelnet] [-IncludeFW] [-IncludeHighPower] [-IncludeStandard] [-GetInfoFromRegistry] [-OWASOveride] [-DownloadOnly] [-SkipCoreCheck] [-Tail] [-Skype4b] [-SkipUpdateCheck] [-WhatIf] [-Confirm] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-TargetFolder <String>] [-GetInfoFromRegistry] [-OWASOveride] [-DownloadAll] [-SkipCoreCheck] [-Tail] [-Skype4b] [-WhatIf] [-Confirm] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-GetInfoFromRegistry] [-ClearRunningStatus] [-WhatIf] [-Confirm] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-GetInfoFromRegistry] [-Skype4b] [-WhatIf] [-Confirm] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

Examples

.\Set-CsFeatures.ps1 -Skype4b

Runs script in Skype for Business mode. Options chosen while running in this mode are tailored to Skype for Business. Not specifying this option will cause a pop-up prompt when the script starts, allowing a user to choose the desired mode.

.\Set-CsFeatures.ps1

Runs script with default values.

.\Set-CsFeatures.ps1 -WindowsSource "d:"

Runs script with the location defined for the Windows Server 2012/2012 R2 installation files.

.\Set-CsFeatures.ps1 -SQLPath "d:\sqlexpress"

Runs the script and installs any required SQL Express instances in the specified location.

.\Set-CsFeatures.ps1 -TargetFolder "d:\installbits"

Runs the script, and saves any downloaded files and written logs in the specified location instead of the default “c:\_install”.

.\Set-CsFeatures.ps1 -InitialMenuOption 3

Runs the script, and automatically starts option 3 (Front End server). Once it’s finished with that option, the script functions as normal, and displays the menu. NOTE: only options from the main menu can be specified. Options in sub-menus are not available with -InitialMenuOption.

.\Set-CsFeatures.ps1 -tail

Runs script with default values, but also shows an additional PowerShell window showing a live running log file.

Parameters

-TargetFolder

Defines the location for any downloaded files. Defaults to “c:\_install”. Additionally, log files generated by this script are located in a sub-folder of TargetFolder called “logs”. TargetFolder does not support paths with spaces, but does support non-hidden UNC paths.

-WindowsSource

Defines the location of the Windows Server installation files. This is needed to install .Net 3.5 since those files are not installed on the server by default. Defaults to first detected CD-ROM/DVD drive. This can be a local file path, path to an .ISO file, or a non-hidden UNC path.

-SQLPath

Defines the desired installation path for SQL Express. Defaults to “c:\Program Files\Microsoft SQL Server”.

-InitialMenuOption

Allows you to start the script with the option you want, without first displaying the menu.

-IncludeSSMS

If specified, will include SQL Server Management Studio automatically when prereqs are installed for any server that has SQL Express instances. If not specified, a prompt will appear.

-IncludeTelnet

If specified, will include Telnet automatically when prereqs for Front End servers, Director servers, Mediation servers, Edge servers, and/or Persistent Chat servers are installed. If not specified, a prompt will appear.

-IncludeFW

If specified, will include the firewall rules for Get-CsConnections automatically when prereqs for Front End servers are installed. If not specified, a prompt will appear.

-IncludeHighPower

If specified, tells the script to automatically set the Power Config on the server to High Power. This is instead of the script prompting. This option is available for all server roles.

-IncludeStandard

If specified, tells the script to include the extra SQL Express instance required for Standard Edition front end servers. This is instead of the script prompting.

-GetInfoFromRegistry

This value is only used during mid-prereq reboots. It is automatically set and read by the script, and should never be manually specified.

-OWASOveride

Don’t use this parameter. It’s for internal testing only. Using it can render the server unusable.

-DownloadOnly

Tells this script to not install or configure anything – just download the files. This is useful if you’re going to be building servers that do not have Internet access and want to fetch the files beforehand. The big difference between this option and -DownloadAll, is that this option presents the normal menus, and allows you to download files for the options you pick. The -DownloadAll option downloads ALL files needed for ALL options.

-DownloadAll

Tells this script to not install or configure anything – just download ALL of the files. This is useful if you’re going to be building servers that do not have Internet access and want to fetch the files beforehand from a desktop computer. The big difference between this option and -DownloadOnly, is that this option downloads ALL files needed for ALL options, whereas -DownloadOnly allows a user to download files for specific options they choose.

-ClearRunningStatus

This switch forces the running status to be reset. This option should ONLY be used if the script exits/aborts dirty, and attempts to run the script again yield a “Script is already running” message.

-SkipCoreCheck

When specified, skips the check for Server Core. It is not meant to be called manually, as it’s used when the script needs to restart after a server reboot.

-Tail

When specified, opens another PowerShell session and tails the log file, similar to *nix. This is really only beneficial during troubleshooting.

-Skype4b

When specified, uses values specific to Skype For Business Server 2015 for prerequisites. If this option is NOT specified a pop-up will appear, asking which mode the script should operate in: Lync Server 2013 or Skype for Business Server 2015.

-SkipUpdateCheck

When specified, skips the check for a newer version of the script. This option is included mainly for when the script reboots the server.

Installation

No installation is necessary.

Execution Policy: Third-party PowerShell scripts may require that the PowerShell Execution Policy be set to either AllSigned, RemoteSigned, or Unrestricted. The default is Restricted, which prevents scripts – even code signed scripts – from running. For more information about setting your Execution Policy, see Using the Set-ExecutionPolicy Cmdlet.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Frequently Asked Questions

Question: Why doesn’t this script support Windows Server 2008 R2?

Answer: I get asked this all the time. There are several reasons. The first is that out of the box, Server 2008 R2 has PowerShell 2.0 installed, and this script is written in PowerShell 3.0. Requiring you to upgrade to PowerShell 3.0 first, before running a script that installs prerequisites, seems counter-intuitive. And converting the script to just use PowerShell 2.0 is taking a step backwards, especially considering that the current version of PowerShell is 5.0, and even as this is written, 5.1 is in preview.

Next is sheer time. I test changes I make. And then I test them again. And then I choose different options and combinations and test them. Testing on just Server 2012 and Server 2012 R2 is exhausting. Adding Server 2008 R2 would mean even more testing, plus I’d have to add those resources in my already overtaxed test labs. That would slow down my ability to add new features and test fixes.

Third is that Server 2008 R2 is three versions back. Get with the times already!


Question: Does the script support Windows Server 2016?

Answer: No, and the primary reason is that Lync Server 2013 and Skype for Business Server 2015 are not supported on Windows Server 2016. Once they are supported on Windows Server 2016 (and it will likely only be Skype for Business Server 2015 that’s supported), I’ll adjust the script as needed. I’ve already done some preliminary work.


Question: Can you add feature x?

Answer: I LOVE getting feature requests. Seriously! Best method to suggest features is to send me an email. My email address is in the comment section at the top of every script I publish. Please be detailed in what you’d like to see, as well as any scenarios you’d use the option (so I can try to duplicate testing). This also goes for additional tools, whether Microsoft or third-party.


Question: How do I submit bug reports?

Answer: Email is best. Grab my email address from the comment section at the top of the script. Please be VERY detailed. Please include screen shots if possible, and ALWAYS include the log file. If the script will start, select option 96, “Report a bug/problem with this script”. If you’re not using the latest version of the script, please download it from the Downloads section below and see if you can duplicate the problem before reporting it.


Question: What if my server doesn’t have Internet access?

Answer: Fear not. Download the required files using either the -DownloadOnly or -DownloadAll options from another machine and place them in the TargetFolder, which is c:\_install by default. The script looks to see if the file is available locally before attempting to download. An exception to this is the latest cumulative update, which is always downloaded, since the URL and file name don’t change, even when the version does.


Question: When I run the script again, I get “Script already running”

Answer: This is because the script didn’t exit gracefully. Many reasons this can happen, such as rebooting the server while it’s still running. If you’re positive it’s not running anywhere else (including by other users logged into the same server), run the script with the -ClearRunningStatus switch to clear that flag. Then run it as normal.


Question: Is there an option to specify where (i.e. path) all of the various tools are installed?

Answer: No. And not for a lack of trying. Some tools don’t support automated installs with a specified path. And some of those that DO, actually still dump some core files in a “default” location. The more I tried to come up with the solution, the more I realized that it would entail a substantial amount of overhead in the script.


Question: Why does the script report an unsupported version of .NET Framework?

Answer: Because Lync Server 2013 and Skype for Business Server 2015 don’t support the version detected. Once they do, I’ll adjust the script accordingly.


Download

v4.10 – 05-15-2017 – Set-CsFeatures.v4.10.zip

v4.09 – 05-13-2017 – Set-CsFeatures.v4.09.zip

v4.08 – 04-19-2017 – Set-CsFeatures.v4.08.zip

v4.07 – 04-14-2017 – Set-CsFeatures.v4.07.zip

v4.06 – 02-05-2017 – Set-CsFeatures.v4.06.zip

v4.05 – 11-04-2016 – Set-CsFeatures.v4.05.zip

v4.04 – 11-02-2016 – Set-CsFeatures.v4.04.zip

v4.03 – 11-01-2016 – Set-CsFeatures.v4.03.zip

v4.02 – 10-28-2016 – Set-CsFeatures.v4.02.zip

v4.01 – 10-25-2016 – Set-CsFeatures.v4.01.zip

v4.0 – 10-24-2016 – Set-CsFeatures.v4.0.zip

Changelog

See the changelog for information on what’s changed/included in each version.

Changelog: Set-CsFeatures.ps1

October 24th, 2016 No comments

This is the changelog page for Script: Set-CsFeatures.ps1 – Easily Install Prerequisites and Tools for Lync Server 2013 and Skype for Business Server 2015. You will find a complete list of released versions, their dates, and the features and issues addressed in each. Please refer to the script’s main page for more information including download links, installation details, and more.

v4.10 – 05-15-2017

  1. Write-Log function upgraded to v3.1
  2. fixed logic in 90-6 (disable SMBv1)

v4.09 – 05-13-2017

  1. Minor menu cleanup
  2. Added a reboot check after Wireshark is installed, and before the config macro runs. Two people have reported spontaneous server reboots at that point. It’s not the script – it’s WireShark.
  3. Upgraded SQL Server Management Studio to v17.
  4. fixed a couple of typos – thanks to @greiginsydney for pointing them out.
  5. fixed an issue with disabling NetBIOS over TCP/IP
  6. option 50-22 (Add Trusted Root Cert Authorities to Edge Servers) added. See https://www.ucunleashed.com/3029 for more info.
  7. Minor adjustments to basic function code

v4.08 – 04-19-2017

  1. Added Lync Edge Server Replication failed FALSE with red cross (option 90-5)
  2. added Disable SMBv1 (option 90-6)
  3. Fixed issue with Windows Source files when installing prereqs for Persistent Chat servers. Thanks to Steve for sending me the bug report.

v4.07 – 04-14-2017

  1. added Meeting Migration Tool (option 80-11) to the download menu. This option downloads both the 32 and 64 bit versions. Because both versions have the same file name, they are downloaded to individual sub folders.
  2. added Cloud Center Edition v1.4.2 (option 80-12) to the download menu
  3. Substantial code optimization utilizing PsScriptAnalyzer and PsSharper (literally like 2000 lines of code tweaked)
  4. removed Test-ScriptUpdate function since it was replaced with the newer update method
  5. updated Test-InvalidCert function to v1.3 (adds checking of Intermediate Store & moves certs in the incorrect store to the correct store). Note that this function runs automatically when the script is started. Results are written to the log file.
  6. updated Write-Log function to v3.0 (adds a verbose level)
  7. fixed a typo in the virtualization detection code (how did I miss THAT?)
  8. Updated download URL for network assessment download
  9. removed download URL for RASK Resources file, as it seems to no longer be available for download
  10. updated .NET check to only throw an error if the detected version is > v4.6.2, since v4.6.2 is now supported (assuming CU 4)
  11. Updated Wireshark (option 30-1) to v2.2.6
  12. Updated Windows Features required for Director role. Thanks to @greiginsydney for pointing it out.
  13. added Windows Features for Skype for Business 2015 stand-alone Mediation server. Thanks to @greiginsydney for the info.

v4.06 – 02-05-2017

  1. Added some additional code for OOS (option 5) to deal with (& log) potential issue where OOS ISO image isn’t mounted, or takes a while to mount.
  2. Added option 80-10: Skype for Business Adoption Portal [DOWNLOAD ONLY]
  3. Re-enabled the static route section of the edge server config (option 2). I forgot this was disabled. This has always been a real pain to deal with. This is because sometimes, when you programmatically remove the gateway on the internal NIC and reboot the machine, Windows will clear ALL of the config for that NIC. This usually means that when the machine is back up and running, you can’t connect to it. I have yet to find a rhyme or reason as to what causes this. If you can’t RDP to the edge server once it reboots, check the internal NIC config.
  4. Added option 90-4 to disable the RC4 Ciper. See https://support.microsoft.com/en-us/kb/2868725 and https://support.microsoft.com/en-us/kb/245030 for more info.
  5. Updated option 5 (OOS) to November 2016 build
  6. Added option 70-13 – WireShark taskbar shortcut
  7. Fixed an issue with 50-19 (Block install of .NET 4.6.1) that would thow an error when checking for specific registry values
  8. Updated option 6 (Persistent Chat) for Skype for Business Server 2015
  9. Fixed an issue in option 6 (Persistent Chat) where if a reboot was required, and the user chose to reboot, the server wouldn’t reboot automatically.
  10. Updated option 30-1 (WireShark) to prompt if you want a taskbar shortcut created for WireShark.
  11. Updated option 50-18 (Skype federation) to ensure that the provider config is enabled if it already exists.
  12. Minor tweaking to Write-Log (logging function)
  13. Minor tweak to detection of last boot time
  14. Updated option 30-1 (WireShark) to v2.2.4
  15. Updated Get-UpdateInfo function to v1.2
  16. Updated 50-14 (Install Skype for Business Online Admin components) to include all requirements for management of Skype for Business in O365, including “Microsoft Online Services Sign-in Assistant”, “Windows Azure Active Directory Module for Windows PowerShell”, and “Skype for Business Online, Windows PowerShell Module”
  17. Updated 80-6 (Download Skype for Business Online Admin components) to include all requirements for management of Skype for Business in O365, including “Microsoft Online Services Sign-in Assistant”, “Windows Azure Active Directory Module for Windows PowerShell”, and “Skype for Business Online, Windows PowerShell Module”

v4.05 – 11-04-2016

  1. Updated GUID for Message Analyzer as MS rolled out a new version (4.0.8112.0), and the script was hanging looking for the old GUID.
  2. Fixed an issue where the SMB file share would get the wrong share name when not specifying -skype4b option, and choosing “yes” on the prompt.

v4.04 – 11-02-2016

  1. Fixed some URL references that still pointed to the old version of the script & its related downloads. No functionality changes as a result of this. More of just a housekeeping issue. Added a variable that will eliminate this issue going forward.
  2. Fixed an issue where a file download fails (for any reason), and the retry fails because the filename has a space in it. Stupid missing quotes….
  3. Fixed an issue where the SQL Express code wouldn’t run when using -skype4b and selecting options 1, 2, 4, or 6.
  4. Updated .NET warning to include a link to Jeff Guillet’s article on removing .NET framework 4.6.1
  5. Updated SQL Express 2014 and SQL Server Management Studio to SP2 (from RTM). Dunno why I didn’t see that earlier. – Thanks to @pilzi for pointing it out to me.
  6. The usual code optimization as I find better, faster, more efficient/consistent ways of doing things.
  7. Preliminary work around supporting Windows Server 2016 – NOTE: Lync Server 2013 and Skype for Business Server 2015 are NOT supported on Windows Server 2016. Yet.

v4.03 – 11-01-2016

  1. Fixed issue with option 60-6 in Skype4b mode not recognizing resource kit installed (it was looking for the old executable name)
  2. Changed -Win2012Source parameter to -WindowsSource (in anticipation of Windows 2016 support for Skype for Business Server 2015)
  3. Created option 30 – Third Party Tools menu, and moved WireShark and Customized PortQryUI to it
  4. Code optimization
  5. Moved option 24 (UCMA) to the Misc Server Config menu (50)
  6. Moved option 16 (Windows Update) to the Misc Server Config menu (50)
  7. fixed URLs in comment help for the script (they were still pointing at the old version)
  8. added the SQL Express and SQL Server Management Studio (SSMS) code for -Skype4B. Selecting appropriate options will now install the SQL Express 2014 instances and/or SSMS. -SQLPath works as intended, as well.
  9. Updated the function that checks for an update. It should now properly show the changelog info in the popup message.
  10. minor changes to some test functions

v4.02 – 10-28-2016

  1. Added option: 40-4 – Show Response Groups with no agents
  2. Added option: 50-19 – Temporarily block the installation of .NET Framework 4.6.1 – this does not remove any existing installation of .Net 4.6.1. See https://support.microsoft.com/en-us/kb/3133990 for more info on the method used, and http://www.expta.com/2016/02/how-to-uninstall-net-framework-461.html for info on how to remove .NET Framework 4.6.1.
  3. Fixed main menu not displaying option 40 (reports)
  4. Fixed issue with some downloads not working – Thanks to Martijn for pointing it out

v4.01 – 10-25-2016

  1. Fixed a minor display issue when submitting bug reports.
  2. Fixed a minor issue when the script can’t connect to the web site to retrieve update info.
  3. Fixed an issue where errors would occur if the person running the script isn’t a Domain Admin.
  4. Added option 40 to main menu for reports, and added:
    1. 40-1) Show AD disabled accounts that are still enabled in Lync/SfB
    2. 40-2) Show elevated accounts that are enabled in Lync/SfB
    3. 40-3) Show users whose SMTP address doesn’t match their SIP address

v4.0 – 10-24-2016

  1. Initial version

Rebranding – A New Name, a New Domain, Same Focus

October 21st, 2016 3 comments

When I first started this blog, I was an Exchange consultant and MVP. I spent my work days working with clients and deploying Exchange, or migrating from one version to another, or migrating from a different solution, such as Notes or GroupWise, to Exchange. Times were fun and challenging. I picked the name Ehlo World for two reasons. First, “ehlo” is a command that two mail servers send to each other at the beginning of a conversation negotiation. The “world” part came as an homage to “Hello World”. If you’ve written scripts or code, you know that one of the first exercises in learning how to code was to issue a command that would output “Hello world” to the console screen. Since I was noodling with PowerShell, which got its first big push with Exchange server, the “ehlo world” kinda made sense to me.

Flash forward years later, and my coworker, Mark Smith, came to me and said “We’re going to start also doing OCS and Lync consulting. We need a Lync guy. Tag – you’re it.”. I could barely spell OCS or Lync at the time. I had never seen the admin console, let alone deployed it. But I dove in, and it’s been a fabulous ride. As I’ve gone along, I’ve also further honed my PowerShell skills. I’ve written some whopper sized scripts, including several that were more than 6000 lines a piece. When you tie (now) Skype for Business and Exchange and PowerShell and Office 365 together, you get a great Unified Communications platform. UC. While I don’t spend much time dealing with Exchange these days, I still noodle with scripts for it. Mostly those requested by coworkers, clients, and peers. But I’m primarily focused on the Skype for Business side, and the Ehlo World name was a little stale given my focus. So, I’m rebranding to UC Unleashed. UC for the previously mentioned reasons, and the Unleashed for several others. First being that I’ve written scripts, functions, and one liners that (at least try to) think outside of the box. Second, I was honored to be involved in the writing of the Skype for Business Unleashed book.

So there you have it. A new name, but with the existing content. Linked URLs should automatically redirect to the post on the new ucunleashed.com domain soon. A new logo and a new blog theme are in the works. I’m working on some cool stuff (well, *I* think it’s cool), and you’ll see that soon. Until then, feel free to comment on my posts, suggest new scripts and ideas, and more.

Until then…

Function: Get-UpdateInfo – Making It Easy for Your Users to Get the Latest Version of Your Scripts

October 10th, 2016 No comments

updatepromptDescription

As a PowerShell developer, you always want your users to have the latest version of a script. It makes support a lot easier, while also making sure that users have the latest features and bug fixes. But how to encourage that? Well, for me, users of my scripts are typically not within the same environment as me. So Group Policy Objects, logon scripts, etc, aren’t a solution. Having the script automatically check for an update is much easier, and doesn’t require anything from the user1. So let’s take a look at a quick and easy method.

First, we need a repository where the update information will be held. XML is perfect for this. In this example, I created the following file, and saved it as version.xml:

<?xml version="1.0"?>
<catalog>
<article id="1697">
<title>Set-CsFeatures.ps1</title>
<author>Pat Richard</author>
<version>3.9.57</version>
<publish_date>2016-10-08</publish_date>
<description>Installs all required Windows 2012/Windows 2012 R2 components & optional tools.</description>
</article>
</catalog>

This file can reside anywhere. A file path, a web site, wherever. I chose a website for the reasons I mentioned above. You can see the above file in action at http://www.ucunleashed.com/downloads/version.xml. Some key points to the file. Each article I publish going forward will have it’s own “article” node. The ID I chose to tie to it is also the ID of the article’s URL, for consistency sake. In this example, 1697 is the prereq script seen at http://www.ucunleashed.com/1697. The version value is the version of the latest general availability (“GA”) build. We’ll query that value, compare it against the version of the script running the query, and see if it’s newer. Note that there is some other info in the XML file, and that’s irrelevant to what we’re discussing here.

[xml] $xml = (New-Object System.Net.WebClient).DownloadString("http://www.ucunleashed.com/downloads/version.xml")
$Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).version

We supply the $article value when making the call. After that, it’s a simple comparison. In the prereq script, near the beginning, I assign a variable, $version, with a value. Let’s say it’s “3.9.55”. We compare $Ga against $Version

$Ga -gt $Version

If it’s true, we know a newer version exists. If it’s false, we know the currently running script is the latest version. In theory, we could also use this to alert of a regression in case we needed to downgrade (gasp!). So let’s put this together. We assign a variable, $xml, to the results of downloading an xml file. Then, we assign $ga to the value of “version” for the specific node within the xml file that contains the info for the article. Lastly, we do our comparison and give some output if there is an update.

[xml] $xml = (New-Object System.Net.WebClient).DownloadString("http://www.ucunleashed.com/downloads/version.xml")
$Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).version
if ($Ga -gt $Version){Write-Output "A new version is available!"}

Now, obviously, we can pretty this up a bit. But before we do that, let’s think of issues we could run into. The big one is making sure we have an Internet connection to use to check the XML file. As much as we can often assume there will be one, a LOT of organizations block Internet access to servers as part of their security posture. So we shouldn’t assume. We can check using the following:

[bool] $HasInternetAccess = ([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}')).IsConnectedToInternet)

And then using an IF loop against $HasInternetAccess. So let’s throw this all into a function we can incorporate into our scripts and modules:

function Get-UpdateInfo {
  [CmdletBinding(SupportsShouldProcess, SupportsPaging)]
  param (
    # Article/script to check for updates
    [parameter(ValueFromPipeline, ValueFromPipelineByPropertyName)]
    [string] $article
  )
  [bool] $HasInternetAccess = ([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}')).IsConnectedToInternet)
  if ($HasInternetAccess){
    [xml] $xml = (New-Object System.Net.WebClient).DownloadString("http://www.ucunleashed.com/downloads/version.xml")
    $Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).Version    
    if ($Ga -gt $version){
      Write-Log -Level Warn -Message "Outdated version. Version $Ga is latest version. Prompting user" -NoConsole
      $wshell = New-Object -ComObject Wscript.Shell -ErrorAction Stop
      $updatePrompt = $wshell.Popup("A new version ($ga) of the script is available. Would you like to download it?",0,"A new version is available",68)
      if ($updatePrompt -eq 6){
        Start-Process "http://www.ucunleashed.com/$article"
      }
    }
  }else{
    Write-Output "No Internet connectivity. Unable to check online for update info."
  }
} # end function function Get-UpdateInfo

Here we incorporate a simple ComObject popup message to ask if the user wants to download the new version. Since we have assigned the GA number to $ga, we can use that in the popup text, as well, as shown in the image at the beginning of this article. If $updatePrompt is “6”, then the user clicked “Yes” on the popup, and we can take action such as opening a browser window and navigating to the articles page. Or we could download a file, or any of a number of actions. If $updatePrompt is “7”, then the user clicked “No”.

So, as you can see, it’s really not that hard to add an update checker to your scripts. When you release a new version, simply update the XML file to reflect accordingly.

Note: Take care in what kind of characters are in the XML file. Some special characters, such an ampersand (“&”), aren’t handled very well. When in doubt, open a browser window and navigate to the file.

1 – Depending on the action you require once it’s known an update is available.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Automatically Installing and Configuring WireShark for Skype for Business

October 7th, 2016 2 comments

wiresharkDescription

I mention in the blog article Script: Set-Cs2013Features.ps1 – Easily Install Prerequisites and Tools for Microsoft Lync Server 2013 that one of the options in the menu, #30, is download, install, and configure WireShark. The configuration settings are based on those mentioned by Jeff Schertz (Wireshark Capture Tips) and Matt Landis (Getting Started With Lync and Wireshark: Tips & Quirks) , as well as those I’ve found useful. Most of these settings REALLY help when you’re looking at traces (and who doesn’t love an afternoon of doing that?). Among some of the configuration settings are:

  1. adds Source Port (resolved) column
  2. adds Destination Port (resolved) column
  3. adds DSCP column
  4. Configures RTP protocol “Try to decode RTP outside of conversations”
  5. Configures SIP protocol for ports 5060-5068 (instead of WireShark’s default of 5060)
  6. Sets the time format to human readable format

Why manually configure these on your server (or worse, many servers), if we can automate it? Let’s make our deployment life easier. Getting WireShark installed programmatically isn’t like other programs. There is no .msi file, or silent install switches. Methods I’ve used in other scripts just didn’t work. And believe me, I tried. And tried. And tried. So, I went medieval on it, and used AutoIt to create a macro that steps through the installer, clicking the right buttons. This works exceptionally well, and is fairly fast. But I wanted to also include the configuration steps mentioned above. And this is where it got interesting. WireShark’s config file seems to change formats and details often. So writing something that would change the config file directly seemed like it would be a losing battle. So, back to AutoIt. For 95% of the config, it worked great. But there seemed to be a need to click on the custom columns in order to set their name. AutoIt allows for moving the mouse to a certain vector, then clicking. But even with maximizing everything, the coordinates were never the same on different servers with different resolutions or RDP sessions. So that part of it would often not work. You’d get the columns, but they’d be named “New Column”. Not ideal. Finally, after taking a break from trying to figure that out, I rethought about it, and was able to figure out the right keyboard combination to accomplish the same thing. Success! There is one section right after that where the mouse is required to move the new columns into the desired order, but that seems to always work, and there’s no keyboard control for that. A remaining issue has been there since I first started this task. And that is the fact that AutoIt is written to take action based on app windows with certain titles. Usually not an issue at all, except that WireShark has always included the version number in the title bar. So every time there is a new version released, I’d have to open the source file, change the version number, re-compile to an .exe file, test, upload to my server, and update the prereq script. All in all, it is like 10 minutes of work, but I’ll need to continue to do that. As a result, I’m releasing the macros bundled the appropriate version of WireShark. Not sure if that violates some license with WireShark, but since they seem uninterested in making a silent installer method… Download the file from the link below. Unzip anywhere, as long all of the files are in the same folder. You’ll see there are three files:

  1. The WireShark bits, which are named with the version number, such as Wireshark-win64-2.2.1.exe for version 2.2.1. This is the file as it comes from WireShark.
  2. The installer macro, which is also named according to the WireShark version it applies to, such as WireShark_2.2.1-install.exe
  3. The config macro, which is also named according to the WireShark version it applies to, such as WireShark_2.2.1-config.exe

Run the installer macro first by double clicking on it. You’ll see it zip through the WireShark install routine. Once that closes, you can run the config macro. You’ll see it walk though the config. I do NOT recommend running the config macro more than once – lest you end up with a completely mangled config. It takes a minute or so to run. Once it’s done, you can open WireShark Legacy and use it. Once you start a trace, you should immediately be able to see the added columns:

ports

Added columns in WireShark. Click for a larger version.

If you wander through the config menus, you’ll see the other settings as well. The v2.x WireShark application that is also installed when you install WireShark is configured somewhat differently, and I’ll address that in the future. Right now, I’m not aware that it provides any added benefit for Skype for Business/Lync admins anyways. But really, WireShark, would it kill you to use an XML file for your config?! Or registry values? If you have some specific config settings you use for WireShark, pass them along!

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Downloads

WireShark v2.2.7 – 06-01-2017 – Wireshark_2.2.7-install.zip

WireShark v2.2.6 – 04-12-2017 – Wireshark_2.2.6-install.zip

WireShark v2.2.5 – 03-06-2017 – Wireshark_2.2.5-install.zip

WireShark v2.2.4 – 01-31-2017 – Wireshark_2.2.4-install.zip

WireShark v2.2.3 – 12-23-2016 – Wireshark_2.2.3-install.zip

WireShark v2.2.2. – 11-24-2016 – WireShark_2.2.2-install.zip

WireShark v2.2.1 – 10-07-2016 – WireShark_2.2.1-install.zip

Changelog

See the changelog for information on what’s changed/included in each version.