Long Absence, but I’m back!

It has been nearly 8 months since my last blog post. For that I’d like to apologize, as I really would love to have been posting all of this time; it just hasn’t been realistic for me. Let me recap what has happened in that time.

  • October 2014: Made an offer on my first house
  • November 2014: Moved into my first house
  • December 2014: Holiday madness and still settling in the house
  • January 2015: Working on new Training videos for Pearson
  • February 2015: Still working on the training videos
  • March 2015: Wrapping up training videos for Pearson, trying to have a bit of a life.
  • April 2015: Company I work for was sold, started looking at new career opportunities
  • May 2015: Attended Microsoft Ignite 2015, started a new job!

I started looking at houses around September of last year, and fell in love with one of the houses I looked at. I made an offer on the house and within a months time I was moving it. I wasn’t expecting it to happen so fast, but I am glad it did. I’ve been here since November of last year and it provided a great private recording studio for me!

ShowCover

The new videos I’ve been working on are about to come out! It is a video series focused on helping you pass the 70-346 exam. You can take a look at it for when it will be coming out later this month! On InformIT, or if you have a Safari Books Online Subscription you can see it there.

April 1st was quite an interesting day for me. That is the day that the buy-out of the company I work for was announced. I had been at Apparatus for nearly 4 years, and in all honesty we were like a family. I am still very close with a lot of people at the company and I wish them the best. I just thought that after that announcement was made it was a hint that it was time for me to move on; after-all working in IT at the same company for 4 years is quite amazing for a millennial. My last day at Apparatus was May 1st, and the I left work and headed for Microsoft Ignite 2015.

Microsoft Ignite, was quite an experience – in fact you will be seeing a detailed write-up about that later this week. Let’s just say it is a much bigger event and there are still all of the great opportunities you had available to you at TechEd.

Upon my return from Microsoft Ignite 2015, I started my new job as the Systems Architect at Gaylor Electric, Inc. This is quite a change from what I’ve done for the last 4 years. I will now own my very own infrastructure, and be able to make the decisions on what I think is best for the company and the environment. My first week has been completed and I’ve already put the wheels in motion for some sweeping changes to bring this company to the latest and greatest Microsoft Technologies. I really look forward to the opportunity this is going to give me to go deeper into specific technologies that I’ll be sharing on this blog!

Overall you are going to see me becoming much more social, I am going to be as active as humanly possible on Social Networks and keeping this blog as active as possible. I look forward to feedback and hearing about topics that everyone is interested in hearing more about!

Considerations When an IT Employee Leaves

Recently I’ve helped clients and even off-boarded IT employees from our own team. There are quite a few considerations you must make when someone in IT leaves a company or even just moves to another team within the same company. This article is going to focus heavily on the employee leaving the company; but you will run into some of the same obstacles with them moving to a new area in the company. The “normal” HR off-boarding or cross-boarding doesn’t usually cover the amount of access that these employees have, and the IT staff themselves must make many additional considerations to make things as smooth as possible.

At a high level you have to consider the following:

  • How many accounts do they have?
  • Are these accounts tied to any applications?
  • Which devices use a shared password they know?
  • What access rosters are they on?
  • What knowledge will be lost when they leave?
  • Who is going to take over ownership of their current tasks?

Let’s dive into these questions in more depth and explore some possible solutions to them.

Read more »

Building a Desired State Configuration (DSC) Lab

Recently I presenting at the Indianapolis PowerShell User Group and talked about Desired State Configuration. The presentation was 100% demonstrations, and I decided it would be a good idea to provide all of the PowerShell commands/instructions I used to build my lab environment for the presentation.

Note: Please note that these instructions were written using multiple Experimental DSC Resources, Microsoft and I myself provide no guarantee that these will work in a production environment. I strongly encourage that you use test environments that do not matter until you feel comfortable with DSC.

Pre-requisites

  • Licensed/Trial Media for Windows Server 2012 R2
  • An installed/updated Sys prepped VM Parent Disk
    • Stored at D:\Templates\Server2012R2.vhdx
  • a Virtual Switch within Hyper-V Configured as a Private, named “Private Network”
  • At least 7GB of free memory
    • You can adjust this all the way down to just 4GB
  • Downloaded copy of the latest DSC Resource Kit – Download Here

Now before we dive into the scripting component of this blog post I want you to know that this is not 100% automated. You will have some manual steps here and there, it is possible to 100% automate – but that will require significantly more effort. Please continue reading for instructions on this demonstration.

Read more »

PowerShell: Check for user accounts running Windows Services

Recently I worked with a client to validate that if a user account were to be disabled that it wasn’t going to break any of their currently running applications. You can be bit by an accidental miss-configuration where an end-users account is running a Windows Service or possibly at a lower level in a specific application such as SQL Server jobs. Luckily with the Power of PowerShell we can conquered the Windows Services! It is also possible to create a SQL Query, or even PowerShell scripts to query SQL, but we will not be covering that in this article.

Checking Windows Services:

The biggest concern I had was the Windows Services, it is easy enough for a junior admin to install SQL and specify their own account as the Service Account. THIS IS BAD! However with some simple PowerShell we can perform a visual inspection, or with some minor adjustments we could look for a service running with a specific user.

In the above example we are using a parenthetical command along with the Get-CimInstance Cmdlet. The command that is executed first is the Get-ADComputer, this will required the ActiveDirectory module is available on your computer system. It uses the filter parameter to look for any computer that is running Windows Server (any version). It then passes those values to the Get-CimInstance which performs an initial WQL Query, which doesn’t allow and statements. Therefore we have to pipe it’s returned values to a where statement which will continue filtering for us. At the very end it provides me the service name, the user account running it, and the computer this service is on.

I was able to run this against the clients environment and within a few minutes we new that it was safe to disable the account.

GriffinMonitor Module v1.5 – Additional Functionality

This evening I’ve decided to add additional functionality to the GriffinMonitor Module. I noticed that I am filling up my storage on my lab server fairly quickly. With that in mind I knew I needed to know once I am about to max it out. I’ve decided to write a fairly simple alert for remaining disk space per volume. Before we dive into how to use the cmdlet and the code itself please reference the previous blog post on Monitoring Storage Pool Health – GriffinMonitor Module.

Using Alert-GMLowDiskSpace:

This cmdlet is very similar to the Alert-GMUnhealthyStoragePool as it has 3 mandatory parameters. There is a 4th parameter that is optional so you can specify the threshold at which it alerts. As I mentioned in the previous blog post at some point I intend to add additional functionality for TLS or SSL secured SMTP servers along with the ability to pass authentication. That functionality is still not there, but it is still on my to-do list.

Example:

-OR-

 The Module Code:

 Update Instructions:

  1. Open C:\Users\<username>\Documents\WindowsPowerShell\Modules\GriffinMonitor with the PowerShell ISE or your favorite text editing document
  2. Replace the code with the above script
  3. Create a Scheduled Job for the new PowerShell cmdlet

Installation Instructions:

  1. Navigate to C:\Users\<username>\Documents\WindowsPowerShell\Modules\GriffinMonitor
    1. (Note: If the directory doesn’t exists you must create it.)
  2. Save the above code in a file named GriffinMonitor.psm1 under the above directory
  3. Create a Scheduled Job using PowerShell

Once it is scheduled, keep an active eye on your inbox for when your Storage Pool goes unhealthy!

Miscellaneous Notes:

  • This module was built and tested using PowerShell v4 on Server 2012 R2 running a single Storage Pool.
  • This module “should” work with Server 2012 running PowerShell v3 with one or many Storage Pools
  • This module comes with no guarantee or support, this is a run at your own risk and I take no responsibility for any repercussions that may occur by running this.
    • With that being said I’ll try my best to assist anyone who may have questions if you post in the comments of this thread.