I just wanna learn!


Scheduling a PowerShell script… with arguments

Let’s say that you have a neat PowerShell script, which you want to run on some kind of a schedule (a script which will collect some data and send you an e-mail, every day in the same hour… ‘til the end of time – maybe this one) – how can you do it? Smile

The answer is simple. Yes, there is a tool included with Windows operating system, which can help you… and it’s called… well – Task Scheduler. Smile

And… if you never used the Task Scheduler in Windows, maybe this is the time to start.

It’s a rather simple tool – you click through a simple wizard, select what you need (a program) and when you need it, and you’ve created a scheduled task.


OK… so, I can run a program? What about a PowerShell script?

The real question here is “Who/what will run my PowerShell script?”. And then, the answer is simple – the PowerShell engine.

This means that your “program” is powershell.exe. This also means that in your scheduled task you should enter something like this:


(note the full path to powershell.exe – C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)

Now we have a scheduled task which will start PowerShell in designated time, every single day. Usually, this is not enough, and we need to add some arguments to the command running (like the path to the script we want to execute).


(argument field in this case contains -Command "& 'C:\Scripts\Get-HyperVReport.ps1'"be really careful about the single/double quotes here!)

Configured like this, our scheduled task will execute the following command:

Two remaining things that we have to check is to have our Get-HyperVReport.ps1 script saved in C:\Scripts and that user, under whom this task is running, has the appropriate permissions to run it. Also, if task should be running unnatended (usually it should), make sure to configure it so.

One other thing that may be useful – with this script, we need to specify some additional parameters (like ClusterName or if it will send us an e-mail when completed). In this case, we can easily add the required parameters to the arguments field, like this:


(argument field in this case contains -Command "& 'C:\Scripts\Get-HyperVReport.ps1' -ClusterName MyCluster -SendMail $true -SMTPServer -MailFrom -MailTo")

The whole command is then:

Hope this helps!


P.S. One other other thing (yes, it’s written twice… live with it Smile) that can be useful – you can also use PowerShell to create scheduled task which will run this PowerShell script (instead of using “the lame wizard”). Pssst… take a look at the New-ScheduledTask command. Winking smile

P.P.S. You can also make use of Adam's function, which will make your life easier - Thanks, Adam!


How PowerShell keeps my photo collection neat

As I love taking photos, sometimes it might be difficult to keep my photo collection “neat”. My camera is set to save every photo in two formats (one for editing, and another one for “long term storage”, as I like to say Smile) – .ARW and .JPG.

When I come home from a “photo trip”, I go through the photos taken and delete the ones I don’t really like. As I need to delete both copies, sometimes it happens that I forgot to delete .JPG or .ARW file of the same photo (which leads to “inconsistencies” in my collection… which is not “neat” Smile).

To overcome this, I’ve come up with a solution – a simple PowerShell script to check if there are any .ARW files which are missing it’s corresponding .JPG file (basically, I’m looking for files sharing the same name, but with different extension):

So, output will be something like this (with right arrow in results meaning that I have .ARW files for which I don’t have the corresponding .JPG file, which further means that I’ve deleted the .JPG file which I didn’t like and now I need to delete .ARW as well):


Arrow on the left side means that I have .JPG files for which I don’t have the corresponding .ARW file. No results will mean that I have the files in sync – for each .ARW file, there is a corresponding .JPG file.

Next step will be to tweak the script and probably automate the deletion process. For now, I’m satisfied with PowerShell providing me info about the duplicates and deleting the files manually. Smile



Updates and Recommendations not working in SCOM 2016

Not so long ago, there was a thread about this issue on TechNet Forums – long story short, in some cases (if you didn’t do a clean installation of System Center 2016 – Operations Manager, for example), the shiny, new feature called Updates and Recommendations didn’t work.

Even better – there was a rather cryptic error saying “An error occurred while displaying the Updates and Recommendations view. This might be because the database query has encountered an error…”.


So… it looks that maybe the database query has indeed “encountered an error”.

What can we do to make sure and resolve this?

As the user Chandra Bose suggested, we can look for duplicates in our imported management packs… and maybe we will be smarter then.

PowerShell command we can use:

This will list our imported management packs and their versions, and we can start looking for duplicate(s).


In my case, there were some – some of them were the two management packs called Microsoft.SystemCenter.WebApplicationSolutions.Library.Resources.*.

To get a better look on those two, we can use the following command:

And the output looks like this:




This shows that we really have two “duplicate” management packs in our SCOM database, one installed in 2013, and another in 2014 (why? and how? don’t really matter Smile). We need to remove one, obviously.

For that, we can use the following command (by using the Id property from previous command):

And, if there are no more duplicates, our Updates and Recommendations view should work now:


Hope this helps.



Basic SharePoint load balancing

I’ve recently created a simple lab which gave me some answers around load balancing a SharePoint 2016 farm with SSL offloading.

To start, I’ve created a couple of virtual servers (on top of my “supercool home Windows Server 2016 Hyper-V PC” Smile) – a domain controller, a SQL server and two SharePoint servers. I’ve also downloaded a KEMP LoadMaster appliance (there is also a free one here, which would have been just enough for this lab) and prepared my DigiCert wildcard certificate (there is no need for the wildcard option, but this is the one I already have, so I’ve decided to use it).

So… I’ve prepared a domain controller, joined all the other servers to the domain and then installed SQL Server 2016. After that, on SharePoint servers, I’ve ran a preparation wizard and created a new SharePoint farm from the first node… with second node joining to it later. At the end, I’ve done the “Farm configuration” wizard and was all set to do the load balancing part. (And yes – I know that clicking “Next” is lame, but… it works. Smile)

The networking configuration for this lab is pretty simple. I have two VLANs – 111 (backend, where all the servers are residing) and VLAN 101 (frontend, where my LB virtual servers are).

I’ve created a new virtual machine for the load balancer, attached it to the two mentioned networks and also added the virtual disk downloaded from KEMP’s website.


After that, I’ve done the initial configuration wizard of LoadMaster which is actually straight-forward (setting the password, IP addresses, and importing a certificate afterwards).

With this done, we can create our virtual service(s) – there is actually a great guide for configuring the SharePoint load balancing virtual servers with KEMP LoadMaster.

I’ve used the following basic (manual) settings for my virtual service:


HINT: When troubleshooting load balancing – make sure that you have only one node behind the balancer… it makes things so much easier to troubleshoot! Smile

One last thing that wasn’t working with this “Next, Next, Next…” configuration was the Alternate Access Mappings (AAM) part – to be able to access a SharePoint farm over HTTPS and a public name, AAM should “know about it”. There is a great guide about AAM available – make sure you read it.

Default AAM settings for my farm were:


After (a lot) of troubleshooting and research, they were changed to this:


And… that’s it – it works! Smile

My totally awesome SharePoint 2016 site, located behind a load balancer and published with a trusted certificate (with SSL session terminating on my virtual KEMP load balancer), was alive:


To conclude - in all the configuration that was done, setting the AAM right was something that gave me most of the headache (load balancing/redirections not working right, troubleshooting what’s happening, etc.). Pay special attention to it! Once you figure it out, you’re done. Smile



NetScaler, XenMobile and SSL certificates

So, you’ve finally decided to make yourself "a small Citrix lab" (XenMobile and NetScaler), but you’re having trouble with getting all the certificates in place. Fear not, I’m here to help!

Installing the SSL certificates for NetScaler is relatively simple, but still… some steps are easily forgotten and then… you need to troubleshoot. Smile

Steps to install the SSL certificate for NetScaler (correctly) are:

  1. Install the server certificate (for example, certificate for The easiest way is to use .PFX certificate file, and you can install it through Traffic Management – SSL – Certificates – Server Certificates.
  2. Install the issuing and root CA’s certificates (.PEM files are OK) through Traffic Management – SSL – Certificates – CA Certificates.
  3. Create link (right click – Link) between the server certificate and issuing CA’s certificate.
  4. Create link (right click – Link) between the issuing CA’s certificate and root CA’s certificate.
  5. Check the certificate links on issuing CA’s certificate (right click – Certificate links). There should be two – one linking the server certificate, another the root certificate.
  6. Select the imported certificate for NetScaler Gateway usage.
  7. Select the imported certificate for (SSL) virtual servers as well. If you’re using NetScaler appliances in HA mode, force synchronization.
  8. Check if certificates are installed properly (for example, by opening the MAM interface with your browser – or
  9. Check if certificate chain is in order as well –

For XenMobile Server, there is some preparation work to do, to get it all right. Basically, you’ll need to combine all the (.PEM) certificate files into one, upload that to XenMobile Server, and restart.

Steps are:

  1. Combine individual (.PEM) certificate files (server, issuing and root CA) into one .PEM file by following instructions on this DigiCert site (you can use Notepad to achieve this). Your final .PEM file should look like this:
  2. -----BEGIN CERTIFICATE-----
    (server_certificate.pem content)
    -----END CERTIFICATE-----

    (issuing_ca_certificate.pem content)
    -----END CERTIFICATE-----

    (root_ca_certificate.pem content)
    -----END CERTIFICATE-----

  3. Upload the combined (.PEM) certificate file to XenMobile Server.
  4. Restart all the XenMobile Server nodes (one by one).
  5. Check if nodes picked up the certificate change (for example, by opening the XenMobile Server management interface with your browser – https://{node's_IP_address}:4443).
  6. Check if certificate chain is in order as well –

And… that’s it!

Oh, yeah – in case you’ve been living under a rock… don’t use the SHA-1 certificates anymore… they are obsolete now (info). Smile



Windows Update, Windows Server 2016 and proxy

The dumbest thing… you are installing your brand new Windows Server 2016 machines and then you realize that Windows Update doesn’t work. It just gets stuck on Checking for updates/Downloading updates… for days.


Of course, you have some sort of proxy on your network, and you start troubleshooting this issue by testing on a proxy-free network… and without proxy, Windows Update works just as it should!

So, the next logical next step is to blame “those networking guys”, because updating your machine works fine, when not behind their “fancy proxy thing”.

But no.

You will soon realize that you have some “old” Windows Server 2012 R2 (or even Windows 10) machines, which are updating just fine… even through the “fancy proxy thing”.

And then you start asking yourself why.

You are checking the configuration of older machines by opening up Internet Explorer and double-checking proxy settings… and then you make sure that your new machines are having the same configuration – they have. Then you are just confused. It’s not networking, it’s not proxy settings… what could it be???

Still a bit confused, you have a great idea to check system proxy settings by running netsh winhttp show proxy – on older machines you’ll probably see something like this (which is probably OK, because you’ve just seen the Proxy Settings in IE, which are set to correct values):


So, you’re (naturally) configuring new machines accordingly. Still doesn’t work.

What next?

You can do further reading & testing, but the thing that helped in our case was setting the system (winhttp) proxy with netsh command, so that it actually imports IE proxy settings.

Basically, you need to run netsh winhttp import proxy source=ie (after you’ve set the right proxy settings through IE dialog, of course) or set your system proxy by using the netsh winhttp set proxy command.

After that, Windows Update starts working again!

So, remember – when using Windows Server 2016, set your system proxy settings by using the netsh command and everything will work just fine! Smile


P.S. Of course, if you have another trick to make it work, please comment. Smile


Advanced Technology Days 12

Another Advanced Technology Days are now behind us.

It was a great conference, with so many familiar faces (and so many new ones). I didn’t like this year’s venue as much as the last one (let’s be honest – nothing beats a movie theater! Smile), but it was fine – it’s always about the great people, not the venue itself.

This year I was speaking about the new System Center 2016 suite and, judging by the full room (thank you!), this topic is very hot right now. I really like the new features in Virtual Machine Manager and the new “speedy” Operations Manager (with web portal which finally works in “modern” browsers Smile).


Slides (which are actually customized Microsoft Ignite slides – thank you), are uploaded to my SlideShare.

And now… looking forward to Advanced Technology Days 13. Smile


P.S. Thanks for the pics – Goran & Igor!


Show disk performance in Task Manager

One of the things that bothered me in the past was the fact that Task Manager showed all the required performance graphs, except the disk-related ones. Why is that, I don’t know. OK, you can see the disks through Resource Monitor console or PerfMon, but… I really like using Task Manager, with such nice colors and simple graphs, for a quick overall check.

So, when you’ve opened your Task Manager, you were shown something like this:


No disks. Too bad. Sad smile

But… fear not, my friend! There is a solution for this “glitch”. Even a simple one. Smile

All you need to do is run the following command in your administrative Command Prompt:

Like this:


And now, when you reopen your Task Manager, you will see following:




Reinstalling your Hyper-V hosts

Have you ever reinstalled your Hyper-V hosts?

I know, there is not much need for it (as everything usually works just fine), but still… there is a “Windows Server 2016 re-installation wave” coming and maybe you’ll find the the next pieces interesting and useful.

One of the “messy” tasks with Windows reinstallation is networking… and by “messy” I mean “you have more than one network cable in your Hyper-V hosts” and you need to know which networks are connected where. Smile

What happens is that Windows somehow always forgets your network device order, all the pretty names you’ve applied and you get stuck with names like “Ethernet”, “Ethernet 2”, etc.

There is a way to fix this (there are many, actually) – we can ask our younger colleague to go to the server room and unplug the cables one by one and then plug them back in, following the rename on our (Windows) side. This way we are certain that all the corporate, DMZ, storage, live migration, etc. cables don’t get “confused” when added to their respective teams and if we labeled cables properly, everything will work with fresh Windows installation also.

But… there is another way. We can use what we already have – our documentation. Here I mean “our current setup” – we have our network adapters and teams already configured in our current Windows installation, why don’t we just export this info and use it after the reinstallation?

We can do this easily by using PowerShell!

The idea is to export network adapter names and MAC addresses of our physical network adapters (excluding the virtual and team adapters), in a CSV file, so that we can use it later, to rename our adapters after the reinstallation:

After reinstallation, we can use the following command to rename our adapters, as per our saved CSV file:

And voilà – our networks are named nicely again (and our colleague didn’t need to go to the cold server room… this time). Smile