Even False counts in PowerShell

I was testing one of my PowerShell scripts and noticed a problem, a PowerShell gotcha if you will, that's actually quite easy to miss.

I had something like this in the script:

$rebootGroups=@(([adsisearcher]"(&(objectCategory=computer)(cn=$env:COMPUTERNAME))").FindOne().Properties.memberof -replace '^CN=([^,]+).+$','$1' -match 'grp.reboot.')

That is a one liner to check if the current computer where the script is running is member of any AD groups that starts with 'grp.reboot'.

Later in the script, I had an if statement checking if I got any groups back and act on them:

If ($rebootGroups.count -ne 0) {...}

If computer is indeed in any one of these groups, we would get a count greater than zero.
What happens if computer is not member of any such groups? We might expect to get back a count of '0', but in fact we get a count of '1'.

Here is proof:

PS C:\> $a=@($false)

PS C:\> $b=$false

PS C:\> $c=$true

PS C:\> $a.count;$b.count;$c.count




It could be argued that the first one makes some sense. At the end, it is an [array] type with a single element and hence count should not be 0.

The more interesting is the second one '$b', which is a boolean and regardless of its value ($true or $false), the count property of a boolean is 1.

So, in this case, we would fix the logic by checking if $false was returned, as ($rebootGroups.count -ne 0) will never be equal to 0!


PwdLastSet vs PasswordLastSet Property

One of the interesting things, when you run "GET-ADCOMPUTER" cmdlet to find out the last time computer password was set, is that there are actually two different properties for that value. One of them, pwdLastSet is NOT so friendly...

D:> Get-ADComputer adil-7600-8 -Properties pwdlastset
pwdlastset        : 130575614253222449

The other property, PasswordLastSet is as helpful as it gets:

D:> Get-ADComputer adil-7600-8 -Properties passwordlastset
PasswordLastSet   : 10/12/2014 12:23:45 AM

Why? Well, I am not sure why Microsoft decided to provide two different properties for this value, probably pwdLastSet is easier for calculations. That is probably why the type of pwdLastSet is signed 64 bit integer (int64) vs. DateTime for PasswordLastSet

D:> Get-ADComputer adil-7600-8 -properties pwdlastset |get-member pwdlastset

   TypeName: Microsoft.ActiveDirectory.Management.ADComputer

Name       MemberType Definition
----       ---------- ----------
pwdlastset Property   System.Int64 pwdlastset {get;set;}

D:> Get-ADComputer adil-7600-8 -properties passwordlastset |get-member passwordlastset

   TypeName: Microsoft.ActiveDirectory.Management.ADComputer

Name            MemberType Definition
----            ---------- ----------
PasswordLastSet Property   System.DateTime PasswordLastSet {get;set;}


DD-WRT OpenWRT Bricking Router and springing it back to life

These are my notes from bricking my router and bringing it back!

How it all began? 
I have a love-and-hate relation with DD-WRT. I have been on and off for the last 5 years. After recent revelations of backdoors on routers and modem, I decided to go back to it.

Upgrading from stock firmware to DD-WRT is documented well enough.
I never bothered with 30/30/30 cycles when upgrading. Simply used firmware upgrade page and pointed it to the DD-WRT image.

It's been working OK but today I decided to check out OpenWRT. So, I downloaded the image and flashed it. Unlike DD-WRT, there is not a web service readily running. As expected, Wi-Fi is not enabled at this point either. So, back to good ol' Putty and telnet/ssh business...

First Login
## First telnet (

login as: root
root@'s password:

BusyBox v1.22.1 (2014-06-03 08:07:42 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 BARRIER BREAKER (Bleeding Edge, r40982)
  * 1/2 oz Galliano         Pour all ingredients into
  * 4 oz cold Coffee        an irish coffee mug filled
  * 1 1/2 oz Dark Rum       with crushed ice. Stir.
  * 2 tsp. Creme de Cacao

Get the Web Interface Up
## Install LuCI (web) using ssh

 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH

BusyBox v1.22.1 (2014-06-03 08:07:42 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 BARRIER BREAKER (Bleeding Edge, r40982)
  * 1/2 oz Galliano         Pour all ingredients into
  * 4 oz cold Coffee        an irish coffee mug filled
  * 1 1/2 oz Dark Rum       with crushed ice. Stir.
  * 2 tsp. Creme de Cacao

# Let's get some help...
root@OpenWrt:/# help
Built-in commands:
        . : [ [[ alias bg break cd chdir command continue echo eval exec
        exit export false fg getopts hash help history jobs kill let
        local printf pwd read readonly return set shift source test times
        trap true type ulimit umask unalias unset wait

## OK. time to change password...
root@OpenWrt:/# passwd
Changing password for root
New password:
Retype password:
Password for root changed by root

## Keep on following wiki...
root@OpenWrt:/# opkg update
Updated list of available packages in /var/opkg-lists/barrier_breaker.
root@OpenWrt:/# opkg install luci-ssl
Installing luci-ssl (svn-r10265-1) to root...
Installing luci (svn-r10265-1) to root...
Installing uhttpd (2014-04-08-a0c33bdbc4873210598acdccb292ff77fb6bf624) to root...
Installing uhttpd-mod-ubus (2014-04-08-a0c33bdbc4873210598acdccb292ff77fb6bf624) to root...
Installing luci-mod-admin-full (svn-r10265-1) to root...
Installing luci-mod-admin-core (svn-r10265-1) to root...
Installing luci-lib-web (svn-r10265-1) to root...
Installing luci-lib-core (svn-r10265-1) to root...
Installing lua (5.1.5-1) to root...
Installing liblua (5.1.5-1) to root...
Installing libuci-lua (2014-04-11.1-1) to root...
Installing libubus-lua (2014-05-06-9fda19140e65457d967ff6fe424e420f656c06c9) to root...
Installing luci-lib-sys (svn-r10265-1) to root...
Installing luci-lib-nixio (svn-r10265-1) to root...
Installing luci-sgi-cgi (svn-r10265-1) to root...
Installing luci-proto-core (svn-r10265-1) to root...
Installing luci-i18n-english (svn-r10265-1) to root...
Installing luci-lib-ipkg (svn-r10265-1) to root...
Installing luci-theme-bootstrap (svn-r10265-1) to root...
Installing luci-theme-base (svn-r10265-1) to root...
Installing luci-app-firewall (svn-r10265-1) to root...
Installing luci-proto-ppp (svn-r10265-1) to root...
Installing libiwinfo-lua (49) to root...
Installing libustream-polarssl (2014-03-25-fc0b5ec804ee43c532978dd04ab0509c34baefb0) to root...
Installing libpolarssl (1.3.7-1) to root...
Installing px5g (1) to root...
Configuring luci-lib-sys.
Configuring liblua.
Configuring libuci-lua.
Configuring lua.
Configuring libubus-lua.
Configuring luci-lib-core.
Configuring luci-lib-nixio.
Configuring luci-sgi-cgi.
Configuring luci-lib-web.
Configuring luci-proto-core.
Configuring luci-i18n-english.
Configuring luci-mod-admin-core.
Configuring libiwinfo-lua.
Configuring luci-theme-base.
Configuring luci-theme-bootstrap.
Configuring luci-app-firewall.
Configuring luci-lib-ipkg.
Configuring uhttpd.
Configuring uhttpd-mod-ubus.
Configuring luci-mod-admin-full.
Configuring luci-proto-ppp.
Configuring luci.
Configuring libpolarssl.
Configuring libustream-polarssl.
Configuring px5g.
Configuring luci-ssl.

Almost there...
## Start the web server (uHTTPd)
root@OpenWrt:~# /etc/init.d/uhttpd start
Generating RSA private key, 1024 bit long modulus
Generating selfsigned certificate with subject 'C=DE;ST=Berlin;L=Berlin;CN=OpenWrt;' and validity 20140604233124-20160603233124

## login to web interface

All good, and then I wanted to configure the wireless.That's when I realized I lost ability to use 802.11n. A bit of research and sure enough, only bg is supported.

OK, that's a deal breaker. Time to go back to DD-WRT or Stock image!

Unfortunately, every time I tried to use the firmware page, I got an error saying the firmware was not supported type. So, I got stuck. Then, I found instructions to do it from CLI and followed them

## Uninstall openwrt, and go back to stock Cisco E3000 stock firmware

cd /tmp
mtd -r FW_E3000_1.0.06.002_US_20140409_code.bin firmware

Real Disappointment!!!
Unfortunately, that bricked the router = Blue Power Led kept on blinking forever!
I tried 30/30/30 reset; that did not bring back UI but got ping reply from

At this point, I was not sure if I could bring back the bricked router but kept on trying:

  • Directly connect PC network cable to Router
  • Open (elevated) Command Prompt (cmd)
  • cd /to/downloaded_dd-wrt-firmware_folder/ (for me c:\temp\w)
  • use tft to transfer firmware

 C:\Temp\w>tftp -i put dd-wrt.v24-14929_NEWD-2_K2.6_std_usb_ftp-e3000.bin dd-wrt.v24-14929_NEWD-2_K2.6_std_usb_ftp-e3000.bin

Gave it 10secs and reboot (did not work). Then, while holding down reset button,

  • Disconnect Power Cable
  • Wait for 10secs
  • Reconnect Power Cable
  • Wait for 10 secs
Voila! is accessible and Power Led is solid blue! My wireless router is back to life! OK,so I am back to where I was, but I think it is fair to call that a victory, right? Riiiight!

Time to reconfigure DD-WRT and blog this...experience!

Gist notes here as well:


About PowerShell's PSBoundParameters

PSBoundParameters are useful, simple and could trip you!
Here is our test script t.ps1


"Name: $Name LastName: $LastName"
"PSBoundParameters : " 
"Removing 'Name'"

"After Removing 'Name'"
"Name: $Name LastName: $LastName"
"PSBoundParameters : " 

"Removing 'LastName'"
"After Removing 'LastName'"
"Name: $Name LastName: $LastName"
"PSBoundParameters : " 

## Let's start testing
D:\> C:\temp\t.ps1
Name: foo LastName: bar
PSBoundParameters :      ## <--- It's empty

Removing 'Name'
False                    ## There was no 'Name' parameter to remove

After Removing 'Name'
Name: foo LastName: bar
PSBoundParameters :

Removing 'LastName'

After Removing 'LastName'
Name: foo LastName: bar
PSBoundParameters :


So, what happened? Well, $PSBoundParameters did not have anything, because nothing was passed to the script.

Now let's try passing it parameters

D:\> C:\temp\t.ps1 -name Adil -LastName Hindistan
Name: Adil LastName: Hindistan
PSBoundParameters :       ## This returns 2 key/value pairs      

Key                                Value
---                                -----
Name                               Adil
LastName                           Hindistan

Removing 'Name'           ## <-- returns True, b/c it could remove the binding

After Removing 'Name'
Name: Adil LastName: Hindistan
PSBoundParameters :
LastName                           Hindistan  ## <- now, $PSBoundParameters only has one key/value

Removing 'LastName'

After Removing 'LastName'
Name: Adil LastName: Hindistan
PSBoundParameters :

Note that $Name and $LastName got their values assigned and are not affected from $PSBoundParameters.Remove() operation at all. All we are doing is removing keys from a dictionary.

We can also add key/value pairs to it using this:

$PSBoundParameters are quite useful to determine whether a parameter is using its default value or was it passed a value. It is also useful for splatting:
Some-CommandLet @PSBoundParameters
This supplies the key value pairs a CMDLET or function would require


PowerShell Gotchas: Enabling Safemode for Windows 8.1 with Bcdedit

In the last couple of days, I started to see a couple of weird issues on my my fully patched Windows 8.1 Update 1 PC. I may blog more about that later but for now, I just want to blog about a PowerShell gotcha, that might frustrate those who are switching from good ol' cmd shell to PowerShell console.

To troubleshoot the recent BSODs, I wanted to enable Safe Mode in Windows 8. Steps are well documented here:

To do this, we need to use BCDEdit utility, which is used to manage Windows boot settings in the newer Windows OSes.

Here I am in PowerShell Admin console...

PS C:\WINDOWS\system32> bcdedit

Windows Boot Manager
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {4efceffa-37b1-11e3-9418-e54cd3928210}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {8bcbbebd-37b2-11e3-9418-e54cd3928210}
integrityservices       Enable
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {4efceffa-37b1-11e3-9418-e54cd3928210}
nx                      OptIn
bootmenupolicy          Standard

Let's tell Windows 8.1 to display safe mode options
PS C:\WINDOWS\system32> bcdedit /set {bootmgr} displaybootmenu yes

The set command specified is not valid.
Run "bcdedit /?" for command line assistance.
The parameter is incorrect.

Ugh, ok. I know the command is correct but PowerShell tells us otherwise. Most of the time, dos (I really mean cmd shell) utilities work just fine in PowerShell but when they do not we can tell PowerShell to hand it over to cmd shell
PS C:\WINDOWS\system32> cmd /c bcdedit /set {bootmgr} displaybootmenu yes
The set command specified is not valid.
Run "bcdedit /?" for command line assistance.
The parameter is incorrect.

Same error. OK, I won't keep doing this. You see the curly brackets over there in the command line surrounding bootmgr, that's our problem. PowerShell is trying to parse the arguments and {} is a scriptblock in PowerShell, so we should tell it not to interpret arguments
PS C:\WINDOWS\system32> bcdedit --% /set {bootmgr} displaybootmenu yes

The operation completed successfully.
There! --% was introduced in PowerShell v3 (I believe) and is very useful when handling quotes and such that have a special meaning in PowerShell, and hence parsing them gets hairy.

Note: There are other cases where you need to tell PowerShell to use cmd shell. For example:
d:\>where ssh
## did not return anything
d:\>cmd /c where ssh
D:\Program Files (x86)\Git\bin\ssh.exe

This works because 'where' is an alias for where-object cmdlet in PowerShell. In cmd shell, it tells you where an executable is located (as would `which` in linux/mac)


Adding reference to PowerShell dll in Visual Studio

Just another quick tip today. I wanted to create a Runspace to run some PowerShell code from C#. When I launched Visual Studio, and tried referencing PowerShell, which lives in System.Management.Automation, all I got was red wiggly underline. Similarly, the PowerShell object was not recognized.

To teach Visual Studio about the System.Management.Automation namespace, I needed to add the relevant DLL, which in my case (as I have x64 Windows 8.1) was found here: 

"%ProgramFiles(x86)%\Reference Assemblies\Microsoft\WindowsPowerShell\3.0\System.Management.Automation.dll"

Once I add it to the References, wigglies go away and I can now use all the namespace has to offer:

Oh, if you are already in PowerShell console, you can see the current assembly location using this:

D:\> [psobject].assembly |fl
CodeBase               : file:///D:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Management.Automation/v4.0_3.0.0.0__31bf3856ad364e35/System.Management.Automation.dll
EntryPoint             :
EscapedCodeBase        : file:///D:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Management.Automation/v4.0_3.0.0.0__31bf3856ad364e35/System.Management.Automation.dll
FullName               : System.Management.Automation, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35
GlobalAssemblyCache    : True
HostContext            : 0
ImageFileMachine       :
ImageRuntimeVersion    : v4.0.30319
Location               : D:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
ManifestModule         : System.Management.Automation.dll
MetadataToken          :
PortableExecutableKind :
ReflectionOnly         : False

Fixing Visual Studio Login Issue

If you are seeing messages from your Visual Studio (Express) complaining that your trial expired after 30 days, you need to sign in to your Visual Studio (and/or Microsoft Account).

OK. that was stating the obvious. Here is the frustrating part. You are trying to login but you cannot and you get the following error:

Browser is security restricted or JavaScript is disabled

I was surprised with this message because I do not recall disabling Javascript  on my Internet Explorer. Anyway, to enable Javascript may not be obvious:

  • Launch Inernet Explorer (v11 in my case)
  • Click Tools > Internet Options > Security
  • Click Internet
  • Click Custom level
  • Scroll all the way near the bottom
  • Under Scripting > Active Scripting, click "Enable"
  • click OK and close.

That should do it. Now you can sign in to your account, and activate your copy of VS Express. 


PowerShell WhatIf

There are tons of resources on the web on how to use -whatif parameter in Powershell functions. I won't go over them but here is a mistake I noticed people sometimes do: They forget to add SupportsShouldProcess to the main script.

Couple of things to note here:

* When you pass -whatif parameter to the main script, it gets passed down to any 'advanced' function that is also supporting whatif.

In out example, Test-WhatifTraversing function support -whatif, because it too has the following line


* Once you use -whatif to call your script, it will not only pass it to Advanced Functions, but it will automatically execute on any other native PowerShell cmdlets that supports -whatif

* You want to wrap the 'dangerous code' you have in that 'If' block so that when you pass -whatif it does NOT execute, but even if you don't have any such code, it is still beneficial to add 'SupportsShouldProcess' to all your functions and scripts because of what I mentioned above.


iOS7 Google Contacts Sync Issue

I noticed today that my iPhone 5S had some missing contact information. I checked and double checked, and sure enough some contacts I had on iPhone were not sync'ing back with my Google contacts.

I looked at settings and made sure app-password (two factor auth means you cannot use your Google password but the password generated for the app) was correct. There was no sign of any trouble anywhere but clearly it was not sync'ing.

To keep this short; I found out the issue was that I had my Google contacts sync to use 'Exchange' (aka Active Sync). I vaguely remembered that there was some ActiveSync licensing news a while ago and after some digging found two pages of instructions on setting up iOS devices with Google contacts Sync Option.

One from Apple: , very short, Apple style, with just the minimum information they could give... (noticed that they are still not using https?)
Follow these steps if you're using iOS 7 to sync your contacts with Google Contacts:
  1. Tap Settings > Mail, Contacts, Calendars > Add Account > Google.
  2. Enter the required information in the fields.
  3. Make sure Contacts is on.

And the other from Google:
Much more detailed. (E.g. Look at #7 and compare that to #3 above)

They started with this:

Sync contacts with your Apple device

To sync your Google contacts with your Apple device (iPhone, iPad, iPod touch, Mac), we recommend using CardDAV, which is an Internet open standard. When you sync your Google contacts using CardDAV, you’ll be able to edit, add, and remove contacts from your device and keep them in sync everywhere you use them.
If you use Google Apps for Business, you can use Google Sync to sync your contacts to your iOS device.

Sync your contacts

  1. Open the Settings app on your device.
  2. Select Mail, Contacts, Calendars.
  3. Select Add Account.
  4. Select Google.
  5. Fill out your account information in the following fields:
    • Name: Enter your name
    • User Name: Enter your full Google Account or Google Apps email address.
    • Password: Your Google Account or Google Apps password. (If you’ve enabled 2 Step verification, you’ll need to generate and enter an application specific password.)
    • Description: Enter a description of the account (e.g. Personal Contacts).
  6. Select Next at the top of your screen.
  7. Make sure that the "Contacts" option is turned ON. The switch should be green.
  8. Select Save at the top of your screen.
After you've completed setup, open the Contacts app on your device, and syncing will automatically begin.

Apple's article did not give me a clue actually but specific 'CardDAV' emphasis of Google kinda told me that my 'Exchange' set up was the culprit. So, I deleted the existing account:

Settings > Mail, Contacts, Calendars > Gmail > Delete Account

The catch is that it forces you to delete all the existing (google) contacts from the phone :(

Anyway, I went ahead and did it. Then, added Google account back and once I launched the 'Contacts' app, sync started and is working fine now.


dsget parsing in PowerShell vs cmd

Recently, we had a discussion in a Microsoft Certified Professionals group about how to detect who joined a computer to domain. One of the folks suggested using 'qused' option of 'dsget'. It justs returns a number, so you really need to get the count for all users and then see whose number got higher etc., but that's not the reason I am jotting this down.

It's about an unhelpful message from dsquery and how PowerShell parsing of commands from cmd.exe could be problematic.

So the command we are interested in is:
dsget user <DN> -part <AD Partition> -qused -display

dsget user "CN=adil,OU=xyz Users,DC=xyz,DC=org" -part dc=xyz,dc=org -qused -display

Instead of typing  DistinguishedName of the user, it is also possible to get that from dsquery and then pipe it to dsget:

dsquery user -samid <KerberosID> | dsget user -part <AD Partition> -qused -display

dsquery user -samid adil | dsget user -part dc=xyz,dc=org -qused -display
 display         qused
 Hindistan, Adil 700

dsget succeeded

Note that there is a space between 'xyz users', so we enclosed that part in quotes for cmd to parse it correctly. Otherwise you would get an error:

dsget failed:Value for 'Target object for this command' has incorrect format.

If you however run the last command in PowerShell, it will not work:

PS H:\> dsquery user -samid adil | dsget user -part dc=xyz,dc=org -qused -display
  dsget failed:A referral was returned from the server.
  type dsget /? for help.

To error becomes more meaningful if you omit the dsquery part and just run dsget:

PS H:\> dsget user "CN=adil,OU=xyz Users,DC=xyz,DC=org" -part dc=nyumc,dc=org -qused -display

 dsget failed:'dc=org' is an unknown parameter.

 type dsget /? for help.

So, PowerShell is looking at the part after -part and does not interpret it as cmd.exe would. There are several ways to fix this:

1) Simply use quotes or single quotes around the part after -part
PS H:\> dsget user "CN=adil,OU=xyz Users,DC=xyz,DC=org" -part "dc=nyumc,dc=org" -qused -display

The other option is to tell PowerShell to run cmd.exe and let it parse the rest using call operator:

PS H:\> &cmd.exe /c 'dsget user "CN=adil,OU=xyz Users,DC=xyz,DC=org" -part dc=nyumc,dc=org -qused -display'
Display         qused
Hindistan, Adil 700
dsget succeeded

And here is a little function I wrote to beautify it (yep, I know, beauty is in the eye of the beholder)

function Get-DomainJoinCount {
 param (
 dsquery user -samid $KerberosID |
 dsget user -part "dc=xyz,dc=org" -qused -display).trim() -replace '\s{2,}',';' | select -skip 1 -First 1 |
 ConvertFrom-Csv -Delimiter ';' -Header "User Name","Count"

PS H:\> Get-DomainJoinCount adil |ft -AutoSize

User Name        Count
---------        -----
Hindistan, Adil 700 


Updating Environment Variables

I installed Python 2.7 on my computer, but install path was not added to environment variables. A couple of quick notes on doing this with PowerShell:

  • PowerShell does not offer a direct cmdlet to manipulate $env:path that would stick after the shell is closed.
  • [System.Environment]::GetEnvironmentVariable() and [System.Environment]::SetEnvironmentVariable() .NET methods are the way to go about this. 
  • Standard PowerShell window would not work in this case, and you need to be on an elevated PowerShell window.
  • You can also directly manipulate the registry key which holds system-wide environments variables [HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path]

To get the current path, you can either use .NET method or built in $ENV variable:

PS C:\> [System.Environment]::GetEnvironmentVariable('PATH')
C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;...

PS C:\> $env:Path
C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;...

Note that, with the .NET [System.Environment], you have also the option of getting USER variable only:

PS C:\[System.Environment]::GetEnvironmentVariable('PATH','USER')
C:\Program Files (x86)\Google\google_appengine\

To add my Python Path (c:\Python\27):

PS C:\> [System.Environment]::SetEnvironmentVariable('PATH',$env:Path + ';C:\Python\27', 'MACHINE')

It's important to remember that when you are trying to make system-wide changes, or sometimes even to access system data, you need to be on an elevated shell, which you can get by right clicking PowerShell launcher and choosing 'Run As Administrator'

Most of the time, PowerShell will give you hints that you need to be on an elevated shell but not always. For example, if you run the command above in a regular shell, you do not get an error. In fact, the change will seem to go through, except it won't and when you launch a new shell, you will notice that path you added is not there.

Below is an example where you do get an error if you attempt to run it in a non-elevated shell:

function get-smart {
gwmi -namespace root\wmi -class MSStorageDriver_FailurePredictStatus |
        select InstanceName,PredictFailure,Reason |ft -a

Regular shell will 'yell' at you in red:

PS C:> get-smart
gwmi : Access denied 
At line:2 char:2
+     gwmi -namespace root\wmi -class MSStorageDriver_FailurePredictStatus |select In ...
Run the same function in an elevated window:

PS C:\> get-smart

InstanceName                                                              PredictFailure Reason
------------                                                              -------------- ------
SCSI\Disk&Ven_Hitachi&Prod_HDT721010SLA360&Rev_ST6O\5&24ba3dff&0&000000_0          False      0
SCSI\Disk&Ven_&Prod_ST31500341AS\4&5ecf4f&0&020000_0                               False      0

By the way, that function will check the SMART status of your hard drives and tell you whether SMART expects any failure


Fixing quser access is denied error

Daily PowerShell tips from are a great way to learn PowerShell tips and tricks. They sent a tip yesterday about 'quser'. If you have been around for a while, you may remember that command. A long long time ago, Citrix helped Microsoft to create 'Terminal Server'. They also created some 'q****' commands.

If you go into your system32 directory and list executables that start with q, you will some others, like qwinsta.exe and qprocess.exe, as well as quser.exe Microsoft kept these executables ever since.

I am familiar with them, because many years ago I had written a perl application to monitor Citrix Servers and these commands came handy at the time.

Anyway, PowerShell tip yesterday was about finding out logged on user:

PS H:\> quser  
  >adil              console             1  Active      none   1/15/2014 11:35 AM PS 

H:\> (quser) -replace '\s{2,}',','|ConvertFrom-Csv
 SERNAME    : >adil
ID          : 1
STATE       : Active
IDLE TIME   : none
LOGON TIME  : 1/15/2014 11:35 AM

The first command shows what you would have seen by running the command on the current machine, and Tobias Weltner's tip shows us how to first replace 2 or more spaces with ',' and then, use ConvertFrom-CSV cmdlet to convert string into a reusable PowerShell Object (PSObject).

Today, there was a follow up on the tip to find out who logged on on a remote computer, using /server parameter. One of my colleagues tried it and and reported that it was not working for her.

Error 0x000006BA enumerating sessionnames
Error [1722]: The RPC server is unavailable.

The first line of error suggested that it was a permissions issue, but she was an admin on the remoe windows 7 box.
The second line was telling us that the remote machine was not responding to Remote Procedure Call (RPC).

So, to fix this, we needed to enable RemoteRPC calls in the registry of the remote machine.
PS H:\> invoke-command -computername adil-w7x32vm2 -Command { set-itemproperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name AllowRemoteRPC  -Value 0x1 -Force }

 And once the RemoteRPC is allowed, query goes through without any errors.

PS H:\> (quser /server:adil-w7x32vm2) -replace '\s{2,}',','|ConvertFrom-Csv

  USERNAME    : testuser
  SESSIONNAME : console
  ID          : 3
  STATE       : Active
  IDLE TIME   : none
  LOGON TIME  : 1/15/2014 10:29 AM
 Note that, you migh also use the following command to connect to remote registry and change the setting, in case you cannot use invoke-command:

reg add "\\ComputerName\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v AllowRemoteRPC /t Reg_Dword /d 0x1 /f

And query to make sure the change took place:

PS H:\> reg query "\\adil-w7x32vm2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v AllowRemoteRPC

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

    AllowRemoteRPC    REG_DWORD    0x1


Finding and dealing with a special char in PowerShell

Recently I ran into an issue while doing regex on Bios Serial Numbers. A couple of machines returned a special character as their serial number when I ran the following command

(Get-WmiObject Win32_Bios) .SerialNumber


Not sure if it will show up fine on your computer but it looks like a black diamond shape with question mark in it.

For my purpose, I needed to eliminate such computers from my results, so naturally I wanted to be able to match them in my regular expression.

The problem was that I had no idea how to produce it in my regex.
I knew I could have produced any character using this


But  how do I find the char code? Here is how:

I copied the first '?' character and then pasted it between the single quotes (could have been double quotes but in general if you do not want something to be evaluated, avoid double quotes) below in PowerShell

PS D:\> [int][char]'�'

So I could reproduce the weird character by dropping [int]

PS D:\> [char]65533

This meant that I could now use it in regular expression like this:

PS D:\>(Get-WmiObject Win32_Bios) .SerialNumber -match "$([char]65533)"

While we are at it, here are a couple of valid and invalid ways to do this comparison

PS D:\> '�' -match "$([char]65533)"

PS D:\> "�" -match [char]65533

PS D:\> '�' -match [char]65533

PS D:\> '�' -match '[char]65533'  (Included this because single quote some times trip people. PowerShell does not evaluate the stuff inside single quotes.

PS D:\> � -match "$([char]65533)"
� : The term '�' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ � -match "$([char]65533)"
+ ~
    + CategoryInfo          : ObjectNotFound: (�:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

In the last example above, Left side of -match operator is not enclosed within any quotes and therefore an error is generated. Error is quite self explanatory.