Utilman.exe to cmd.exe and back

Let’s say you have a Windows (virtual) machine, for which you’ve forgotten your login info, but you want to enter it anyway, because of… reasons. 😀

How can you do it?

Note – if the disk/VM is encrypted, you’ll need the decryption key, of course (if you don’t have it, well… I’m sorry, the following won’t really help you).

Ok, if it’s a virtual machine and you only need to grab some data from it, it’s relatively easy – you’ll just mount the virtual disk, extract the data needed and done.

If you need access to the OS instead, you can maybe use the old trick with replacing the Utilman.exe with cmd.exe, which essentially gives you command prompt with local system permissions, which then gives you… well, everything you need.

One minor obstacle with doing this “hack” would be the fact that the owner of Utilman.exe is actually the TrustedInstaller, so your workflow would be like this:

  • (e.g. turn off the VM, mount the disk, …)
  • replace the owner of Utilman.exe
  • add yourself the needed permissions
  • replace the Utilman.exe with cmd.exe
  • do what you need (e.g. change the local Administrator’s password, set this account as active, …)
  • cleanup (replace the replaced Utilman.exe with the original one)

And we can do this with PowerShell:

And now you can login as local Administrator again and do the work you wanted to do in the first place. 😊

To leave things in (somewhat) the way we found them, we can use the following PowerShell:

Cheers!

Network share feeds in WAC

You know about (and actively using) the Windows Admin Center (WAC), right?! 😉

While it’s great for managing your Microsoft infrastructure, it can also be extended with different extensions. You can even write and use your internal, custom extensions, which do… well, whatever you make them do. And you can read all about that here.

But let’s go back to the subject of today’s post – extensions can be installed via different feeds, either official or unofficial, provided by Microsoft or 3rd-party. You can easily add new feeds or remove existent by providing the feed location, which can be either a NuGet feed URL or a file share location, as stated in the official docs.

Using a file share location is easy:

  • you choose/create a folder:

  • share it (\\<my_server_name>\WACExtensions in my case):

  • and add it to your feeds – I’ll use the “PowerShell way”:

But no!

My feed seems to be added successfully, but it’s not showing in the list!

You can try the same through the web interface – it’s almost the same (OK, you’ll get the errors):

And permissions are fine, don’t worry. 😉

Why’s that?!

The catch here is that we added an empty folder/share – when adding this share, WAC intelligently looked into the folder, found nothing and (successfully) didn’t add our share to the feed list, as it’s empty. And yes, it also forgot to mention it when using PowerShell.

So, what can be done?

The workaround/solution is rather simple – just make sure you don’t add an empty feed/folder.

Just for fun – I’ve downloaded the HPE Extension for WAC, moved it into the WACExtensions shared folder and tried to add the feed again:

And – it worked! 😊

Cheers!

Having fun with Helm and file encoding

Had some spare time, so I’ve tried to learn a bit more about Helm, the package manager for Kubernetes.

I’ve decided to follow the relatively new Pluralsight course called – Kubernetes Package Administration with Helm, done by my MVP colleague Andrew Pruski. And it was great – not too long, clear and easy to follow, with only a handful of prerequisites if you want to follow along! Great job!

Of course, there is also the nice, official documentation.

But why am I writing this post?

I was normally following this course on my Windows 10 laptop, using Visual Studio Code, as suggested, and also using PowerShell terminal, with Helm v3.3.1.

It all went well until the part when we are creating our Helm Chart, more specifically – when we’re filling up our deployment.yaml and service.yaml files. Suggested (and simplest) method is to use the simple output redirection (with “>“), like this:

But, this gave me the following error when trying to deploy the chart:

It’s quite obvious – Helm works with UTF-8, and my .yaml files seem to be encoded differently. Quick look at the bottom of my VSCode confirms it:

How can I fix it?

As I’m using PowerShell, it’s pretty easy – instead of doing the simple output redirection (“>“), I pipe output to Out-File cmdlet with -Encoding UTF8 option, in all cases, which takes care of the encoding (and sets it to UTF-8 with BOM, which is just fine for Helm):

So, long story short – if you run into the error above (Error: unable to build kubernetes objects from release manifest: error parsing : error converting YAML to JSON: yaml: invalid leading UTF-8 octet”), remember to check your file’s encoding (and change it to UTF-8, if needed)! 🙂

Cheers!

P.S. Thanks to good people at Pluralsight for providing me a complimentary subscription!

Fixing Hyper-V virtual machine import with Compare-VM

Well, I was rearranging some stuff the other day, and come to an interesting “lesson learned”, which I’ll share. 🙂

In my lab, I’ve had a Hyper-V server running Windows 2012 R2, which I finally wanted to upgrade to something newer. I’ve decided to go with the latest Windows Server Insider Preview (SA 20180), just for fun.

When trying to do an in-place upgrade, I was presented with the message “it can’t be done“, which is fine – my existing installation is with GUI, the new one will be Core.

So, evacuate everything and reinstall.

In the process, I’ve also reorganized some stuff (machines were moved to another disk, not all files were on the same place, etc.).

Installed Windows, installed Hyper-V, created VM switches, but when I tried to import it all back (from PowerShell… because I had no GUI anymore), I was presented with an error.

Error during virtual machine import was (I know – could’ve used more specific Import-VM command, which will select all the right folders and required options, but… learned something new by doing it this way!):

So, the error says it all – “Please use Compare-VM to repair the virtual machine.” 🙂

But how?! 🙂

If you go to the docs page of Compare-VM, you can see how it’s used.

And, in my case, the whole process of repairing this virtual machine looks like this:

Hope this helps you as well!

Cheers!

Figuring out your public IP address with PowerShell

Sometimes, you need to know your public IP address because of… reasons. My particular reason was creating firewall rule to limit SSH only from my current public IP address, to a machine on the Internet. And how to do it?

You can always use free services like What Is My IP?, which shows you your public IP address in a nice form:

But there are also other ways – if you’re running Linux (or WSL) and do a Google search for the command that can help you, you’ll probably get this (https://askubuntu.com/questions/95910/command-for-determining-my-public-ip?noredirect=1&lq=1):

And if you’re using Windows, PowerShell is here to help you! I like “oneliners”, even if they are not always easy to read:

I’m sure that my friend Aleksandar (PowerShell guru & Microsoft MVP) has a better way, but for me, this works just fine. 🙂

Hope it helps!

Cheers!

Creating some virtual machines in Azure with PowerShell

The other day I was creating some Linux virtual machines (I know, I know…) and, with Azure being my preferred hosting platform, I’ve decided to create this machines by using a simple PowerShell script. Not because I’m so good at PowerShell, but because I like it… and sometimes I really don’t like clicking through the wizard to create multiple machines.

I wanted to create multiple machines with ease, each with “static” IP address from the provided subnet, accessible via the Internet (SSH, HTTP) and running the latest Ubuntu Linux, of course.

So, I was browsing through the official documentation (a.k.a. docs.com, more specifically https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-powershell), and I’ve come up with this (my version of the official docs):

If this helps you with similar task – you’re welcome.

Cheers!

Renewing the expired Office Online/Web Apps Server farm certificate

Certificates sometimes expire… it happens! 🙂

But what happens if the certificate for your Office Online Server (OOS) or Office Web Apps Server (OWAS) farm expires and your farm is not available anymore?

Obviously, OOS farm and your Skype for Business, Exchange & SharePoint integration stops working. Next thing to do will be to renew the expired certificate.

But how?

My MVP colleague Andi Krüger did a nice blog post on updating the farm certificate, and it’s fairly simple – Set-OfficeWebAppsFarm -CertificateName “RenewedOOSInternalCertificate” should do the trick… if your farm is running.

If things got out of hand and your farm is not running anymore and you cannot use the Set-OfficeWebAppsFarm cmdlet (you’ll see that Office Online (WACSM) service is Stopped and cannot be brought back up with the expired certificate and your machine is showing that it’s no longer part of the farm), you’ll need to take a different approach, because you’ll be getting errors when running the above mentioned command (like “It does not appear this machine is part of an Office Online Server farm.” or similar).

WACSM Service is Stopped and and your machine is showing that it’s no longer part of the farm

One of the possible solutions would be:

  • make a note of the Friendly Name of your old (expired) certificate (MMC or PowerShell) (in my case it’s called “OOSInternalCertificate“)
  • remove the expired certificate
  • renew/request/install the new certificate
  • change the Friendly Name of a new certificate to match the previous one
  • start the Office Online (WACSM) service or restart the machine
  • (copy the certificate/do the procedure on other farm members, if needed)

Everything is back normal

Your farm operations should now be restored and you can run Get-OfficeWebAppsFarm cmdlet normally:

Or you can open up the farm’s discovery URL – if it’s rendering again, everything should be OK (in my case “https://oos.myfarm.local/hosting/discovery“):

Even the discovery works

Cheers!

PowerShell helps with Altaro

I really like Altaro VM Backup! It’s so simple, fast and gets the job done. If you haven’t tried it yet, please do – it fulfills the backup needs of small and medium businesses. I’m using it for backup of my Hyper-V virtual machines, of course.

Have I mentioned that they also have the free version, because – they do!

With this little digression out of the way, the thing I want to write now is something that really helped me the other day. I created (yet another) virtual machine on my Hyper-V host and then I tried to add it to backup as well. It is really simple to do this in Altaro – you just select your virtual machine and then drag & drop it to the desired backup location and schedule and that’s it!

As I was connected to my host via Remote Desktop, I was having trouble with drag & drop. I wasn’t able to add my new virtual machine to either backup location or schedule. I’m stuck.

Altaro VM Backup

Altaro VM Backup

So… when all things fail, you’re usually saved by “reading the friendly manual” (RTFM). Or by using PowerShell. I’ve decided to try the latter.

How do you use PowerShell to add the virtual machine to backup when using Altaro VM Backup?

There are a couple of steps, but basically you need to establish the connection to backup server, make Altaro VM Backup aware of your virtual machine, assign it to the desired backup location and schedule. And that’s it! And, even better – the good people at Altaro have written the PowerShell scripts that help you do all that!

The steps are:

  • (inside PowerShell console) go to the C:\Program Files\Altaro\Altaro Backup\Cmdlets where here you can see all the scripts that come out-of-the-box:

Altaro VM Backup

  • all scripts are equipped with help and examples, accessible by adding the –help parameter:

Altaro VM Backup

  • first, we need to establish connection to backup server by using the StartSessionPasswordHidden.ps1 scripts (that will give us connection to the backup server and also Session token (Data field) which we need as first parameter for all the next steps):

Altaro VM Backup

  • next, we need to make Altaro VM Backup aware of our new virtual machine by getting the HypervisorVirtualMachineUuid of this virtual machine with GetVirtualMachines.ps1 script:

Altaro VM Backup

  • then we can add this virtual machine to Altaro with AddVirtualMachineToConfig.ps1 script by passing the Data (actually the VirtualMachineRefId) value from the previous step:

Altaro VM Backup

  • next, we need to check our available backup locations with GetBackupLocations.ps1 script:

Altaro VM Backup

  • by using the AddVirtualMachineToBackupLocation.ps1 with BackupLocationId from the previous step, we will assign our virtual machine to desired backup location:

Altaro VM Backup

  • next, we need to add this virtual machine to a desired schedule as well – with GetSchedules.ps1 script, we can get the ScheduleId:

Altaro VM Backup

  • and with this parameter in hand, we can start the AddVirtualMachineToSchedule.ps1 script:

Altaro VM Backup

  • last, but not least, we need to close all sessions by using the EndAllSessions.ps1 script:

Altaro VM Backup

  • finally, we can see the results in the GUI (our machine should be added to the backup location and schedule – everything that’s needed to start backing it up!):

Altaro VM BackupAltaro VM Backup

Pretty simple (and cool), right?! Hope it helps!

Cheers!

Scheduling a PowerShell script… with arguments

Let’s say that you have a neat PowerShell script, which you want to run on some kind of a schedule (a script which will collect some data and send you an e-mail, every day in the same hour… ‘til the end of time – maybe this one) – how can you do it? Smile

The answer is simple. Yes, there is a tool included with Windows operating system, which can help you… and it’s called… well – Task Scheduler. Smile

And… if you never used the Task Scheduler in Windows, maybe this is the time to start.

It’s a rather simple tool – you click through a simple wizard, select what you need (a program) and when you need it, and you’ve created a scheduled task.

image

OK… so, I can run a program? What about a PowerShell script?

The real question here is “Who/what will run my PowerShell script?”. And then, the answer is simple – the PowerShell engine.

This means that your “program” is powershell.exe. This also means that in your scheduled task you should enter something like this:

image

(note the full path to powershell.exe – C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)

Now we have a scheduled task which will start PowerShell in designated time, every single day. Usually, this is not enough, and we need to add some arguments to the command running (like the path to the script we want to execute).

image

(argument field in this case contains -Command “& C:\Scripts\Get-HyperVReport.ps1be really careful about the single/double quotes here!)

Configured like this, our scheduled task will execute the following command:

Two remaining things that we have to check is to have our Get-HyperVReport.ps1 script saved in C:\Scripts and that user, under whom this task is running, has the appropriate permissions to run it. Also, if task should be running unnatended (usually it should), make sure to configure it so.

One other thing that may be useful – with this script, we need to specify some additional parameters (like ClusterName or if it will send us an e-mail when completed). In this case, we can easily add the required parameters to the arguments field, like this:

image

(argument field in this case contains -Command “& C:\Scripts\Get-HyperVReport.ps1‘ -ClusterName MyCluster -SendMail $true -SMTPServer smtp.mail.com -MailFrom [email protected] -MailTo [email protected])

The whole command is then:

Hope this helps!

Cheers!

P.S. One other other thing (yes, it’s written twice… live with it Smile) that can be useful – you can also use PowerShell to create scheduled task which will run this PowerShell script (instead of using “the lame wizard”). Pssst… take a look at the New-ScheduledTask command. Winking smile

P.P.S. You can also make use of Adam’s function, which will make your life easier – https://github.com/adbertram/Random-PowerShell-Work/blob/master/Scheduled%20Tasks/New-ScheduledScript.ps1. Thanks, Adam!

How PowerShell keeps my photo collection neat

As I love taking photos, sometimes it might be difficult to keep my photo collection “neat”. My camera is set to save every photo in two formats (one for editing, and another one for “long term storage”, as I like to say Smile) – .ARW and .JPG.

When I come home from a “photo trip”, I go through the photos taken and delete the ones I don’t really like. As I need to delete both copies, sometimes it happens that I forgot to delete .JPG or .ARW file of the same photo (which leads to “inconsistencies” in my collection… which is not “neat” Smile).

To overcome this, I’ve come up with a solution – a simple PowerShell script to check if there are any .ARW files which are missing it’s corresponding .JPG file (basically, I’m looking for files sharing the same name, but with different extension):

So, output will be something like this (with right arrow in results meaning that I have .ARW files for which I don’t have the corresponding .JPG file, which further means that I’ve deleted the .JPG file which I didn’t like and now I need to delete .ARW as well):

image

Arrow on the left side means that I have .JPG files for which I don’t have the corresponding .ARW file. No results will mean that I have the files in sync – for each .ARW file, there is a corresponding .JPG file.

Next step will be to tweak the script and probably automate the deletion process. For now, I’m satisfied with PowerShell providing me info about the duplicates and deleting the files manually. Smile

Cheers!