Back to Basics: Testable Reference Pattern Manifesto (With Testable Sample Code)

Think about how babies initially learn - purely by observing patterns - but more specifically “actual working patterns”. They watch people actually walking, actually talking and actually eating in order to learn these activities - and their shiny new brain is really, really good at it.

Recently I published a Pluralsight course on implementing the Center for Internet Security (CIS) AWS Foundations Benchmark security standard. As a part of that course I wanted to provide a working script that could make a clean, test AWS account compliant with the benchmark (an “actual working pattern”). I am writing this post to release that code as open source, as well as to relate some lessons learned during the journey of building it.

Unveiling The OpenSSH Universal Automated Installer

You may have heard some of the buzz about the open source project undertaken by the Microsoft PowerShell team to create a native, standards-compliant edition of OpenSSH. I have been working on the installation packaging for the OpenSSH project and I wanted to make sure everyone knew about the universal automated installer available to install it on any version of Windows.

A Sufficiently Viable Implementation (SVI) for Running Code Under The System Account on Nano Server

In the world of computing it is the small changes that can cost you the most in the long run. One bright morning I decided I wanted to make the Chocolatey openssh package run under Nano Server (without Chocolatey). This led to a lot of code refactoring to account for the many little limiting differences of Nano. One of these differences ended up being the implementation of how to run some configuration code in the SYSTEM account context.

Easing PowerShell WMF 5.1 Deployment Challenges Using The Chocolatey Package

I co-maintain the Chocolatey package for PowerShell. With the recent release of PowerShell 5.1, the Chocolatey packaging is able to handle one more challenging, but potentially common, deployment scenario.

Microsoft is moving fast to retire version 5.0 by June of 2017 - including removing the downloads for 5.0 - a distinct encouragement to evaluate and adopt 5.1 quickly.

Let's talk about this challenge as well as a brief summary of some other challenging deployment scenarios that were already handled by the Chocolatey package.

Straight and Narrow Code For Safe Windows Path Updates

Windows automation inevitably involves updating path environment variables. The most common is the Windows path (Variable: PATH), but increasingly we are all having to pay attention to the PowerShell module path (Variable: PSModulePath).

Over time I have learned most of the mistakes you can make when manipulating these paths firsthand (yep, there is a special flat spot on my forehead just for where I’ve banged it on the desk due to path issues).

Continue Your Automation To Run Once After Restarting a Headless Windows System

There are times when you cannot avoid having to reboot a system and continue with an automation task.

When you hit one of these, you start down the road of finding the built-in ways that Windows allows you to stage a task to start when the system restarts.

Oneliners For Procmon Debugging of AWS CloudFormation Automation

I was working through some nasty Windows automation problems buried deep in a CloudFormation template. Something appeared to be overwriting a certificate private key that we were placing on the system. The block of automation code that might contain the offending lines is a complex Salt configuration. Being able to automatically enable a procmon trace for just that segment of code would be very handy since I can’t manually trace the automation and it would prevent me from having to trace the entire setup from start to end.

9 Months of Free Training with DevEssentials

Microsoft’s free Dev Essentials program has some super cool benefits - too many to plow through here. Once you are signed up you receive 3 months free to each of Pluralsight, Linux Academy and WintellectNOW training. A ton of great free training just for signing up! You don’t have to redeem all the training at once, so you could put it end to end and focus on each one for a period of 3 months.

Solving the Dreaded 'Removed' Windows Features Problem

Working at a client site a while back I came across a problem when attempting to install .NET 3.5 on Server 2012 R2. Microsoft decided to remove the install source for this component from a default Windows build done from their standard ISO. Technically the feature should be pulled from Microsoft Updates if you ask for it - but there are certain conditions under which it generates an error instead. The classic answer you’ll find posted a thousand times on the web is that you have to provide a pointer to the 275 MB ..\sources\sxs folder from the installation media. Not a problem if you only build servers in one environment, but it is an unnecessary logistical nightmare if you support the need to build them on workstation hypervisors (VMware, Hyper-V, VirtualBox) or in multiple isolated cloud environments or tenants. Guess what - you don’t actually have to do it - here’s the fix…

At the Coal Face: Code for Debugging Deep PowerShell Execution

PowerShell is frequently the last mile worker at the coal face - 5 miles out in a tunnel at the bottom of a mine shaft.

This is because the breadth of Windows automation available through PowerShell results in it being embedded into almost every Windows automation tooling stack - even when PowerShell is not the primary orchestration technology.

Whether you are using configuration management like Chef, Puppet, Ansible or Salt, or a continuous deployment tool such as TeamCity, TFS or Octopus, or cloud orchestration such as Cloud Foundry or CloudFormation, or even a traditional ops tool like System Center - at some point, somewhere you will be compelled to call PowerShell.

Being at the end of a deep call stack of automation technologies is the daily norm for PowerShell, but it can make troubleshooting and debugging problems difficult for the automation developer.
