Setting Up Your Own Private, Secured Package Repository at PowerShell and DevOps Summit 2018

I will be speaking at the PowerShell and DevOps Summit 2018 on the topic of Setting Up Your Own Private, Secured Package Repository Abstract: Security and availability are good defensive reasons to curate public packages into a private repository, but there are many positive reasons as well! We will cover the benefits of a dedicated, private repository, as well as enabling secure, global reach and an analysis of repository options.

Read more

Share Comments

Automated Collection of Diagnostic System Information From Systems You Don't Own

Over time I’ve found there are many reasons why I may be asked to debug systems I do not have convenient access to.

It is painstaking to get lists of diagnostic information in circumstances such as these because it requires a lot of information relaying and lag times.

In the past, I have done a survey of the available options for systems information utilities to help get a dump of a system’s configuration information.

This post discusses the key selection criteria for such a utility and provides automation code (including oneliners) for collecting the diagnostics information with minimal relaying of instructions.


Read more

Share Comments

Logging and Error Handling Best Practices for Automating Windows Update Installs (MSU) with wusa.exe (And For Logging Any Called Process)

Automation of Windows Updates is generally done by calling wusa.exe against a .MSU file. When wusa.exe experiences a failure the messages are typically obscure and hard to diagnose. The underlying error messages, however, are frequently easy to understand and resolve.

The secret is to have wusa.exe do verbose logging in it’s standard exported windows event format and then use the PowerShell event message CMDLets to query that log - automatically, everytime you have an error.

Although focused on applying updates with wusa.exe, this article contains most of my logging best practices for automation coding when calling automated sub-processes.


Read more

Share Comments

PowerShell Core for Windows Chocolatey Package

I have been maintaining the PowerShell Core for Windows Chocolatey package for quite some time, however, since it is a pre-release package, it does not show up on Chocolatey’s search.

This post lets you know it is available and gives the commands for install, upgrade and uninstall.


Read more

Share Comments

The Universal PowerShell Core Installer (Install-PowerShell.sh)

Since PowerShell Core was announced not quite a year ago, I have had a surprising number of reasons to migrate or refit existing PowerShell code to run on PowerShell Core. In some cases keeping future development compatible with both environments adds strategic value.

The PowerShell Core project on github did have an early version of a multi-distro installer, but it required manual tweaks to be updated for each new release and was not using the repository links Microsoft has been putting up.

I believe the ability to quickly setup a sandbox environment is a critical capability for the adoption of any new technology. So, within the PowerShell Core open source project, I set out to build a universal installer that could be used to get the latest version, from repositories (to make updates easier) and optionally install a development environment consisting of Visual Studio Code and the VS Code PowerShell Extension.


Read more

Share Comments

Easy openssl for Windows via LibreSSL Chocolatey Package

The openssl command is frequently used to automate many certificate functions on Linux. I was recently working with a colleague who was very frustrated with the number of hoops they had to jump through to do similar things on Windows. “Why can’t there just be an openssl command for Windows?” was the general sense of their frustrations. Well, there is, but they can be painstaking to get onto a Windows machine for a just a few automation commands. Enter the LibreSSL Chocolatey package…


Read more

Share Comments

Fixed: Non-Functional Start Menu After Sysprep of Server 2016 - Including AWS

At Infor we are increasingly using Server Core due to it’s superior scaling time. However, when I do need to build a server with the GUI - having a non-functional start menu defeats the point. Windows 10 and Server 2016 suffer from a specific sysprep bug which causes the start menu to not pop when the start button is clicked. Here’s how to fix it - including a code snippet for automating the AWS build.


Read more

Share Comments

Back to Basics: Testable Reference Pattern Manifesto (With Testable Sample Code)

Think about how babies initially learn - purely by observing patterns - but more specifically “actual working patterns”. They watch people actually walking, actually talking and actually eating in order to learn these activities - and their shiny new brain is really, really good at it.

Recently I published a PluralSight course on implementing the Center for Internet Security (CIS) AWS Foundations Benchmark security standard. As a part of that course I wanted to provide a working script that could make a clean, test AWS account compliant with the benchmark (an “actual working pattern”) I am writing this post to release that code as open source, as well as to relate some lessons learned during the journey of building it.


Read more

Share Comments

Unveiling The OpenSSH Universal Automated Installer

You may have heard some of the buzz about the open source project undertaken by the Mirosoft PowerShell team to create a native, standards compliant edition of OpenSSH. I have been working on the installation packaging for the OpenSSH project and I wanted to make sure everyone knew about the universal automated installer available to install it on any version of Windows.

Read more

Share Comments

A Sufficiently Viable Implementation (SVI) for Running Code Under The System Account on Nano Server

In the world of computing it is the small changes that can cost you the most in the long run. One bright morning I decided I wanted to make the Chocolatey openssh package run under Nano Server (without Chocolatey). This led to a lot of code refactoring to account for the many little limiting differences of Nano. One of these differences ended up being the implementation of how to run some configuration code in the SYSTEM account context.

Read more

Share Comments