Power “Stuff”

“PowerGadgets” is an interesting looking data visualization product that works with PowerShell. Graphs, charts, dials, maps and gauges, what’s not to like? ūüôā

According to their web site “As a Windows PowerShell Snapin, PowerGadgets lets you easily explore, visualize and monitor enterprise data from virtually any data source, including traditional databases and text files, with little or no coding involved.”

They’re currently running a promotion that they’re calling their PowerGadgets MVP Program. Tell them a little about yourself and they may give you a free copy of PowerGadgets. I’ve been wanting to look into this product but didn’t have a budget for it. I recalled a “negotiating skills” course I took a long time ago whose motto was “if you don’t ask, they can’t say yes”, so I filled out their form over the weekend. Got my free license in this morning’s email. Cool. So “thanks” to the nice folks at PowerGadgers. Now to get busy and learn how to use it.

Not to be confused with the above is Andrew Peter’s “PowerShell Gadget” which he describes as “a small gadget that hosts the PowerShell console window in your Sidebar. Commands can be entered straight into the collapsed gadget or, by clicking on the PowerShell icon, the complete PowerShell console is available“. This sounds so interesting that I’m going to have to fire up my Vista test machine just to give it a spin.

Another couple products that I just found are both from “PowerLocker”. Powerlocker (“Encrypt and protect your PowerShell scripts“) and PowerPad (“Quickly edit multi-line scripts, functions, or script-blocks“) both have “community” (read: free) versions, although the free PowerLocker version is limited to 10 line scripts. The paid version of Powerlocker obviously has no line limit. I’ll try both of them, although I’m kind of a die-hard vi user. And I don’t need to encrypt anything at this point, but it sounds interesting to test.


Active Directory Explorer 1.0

I use AdsiEdit an awful lot.¬†Rarely to actually make changes in AD, but mostly to view or search for objects in AD – looking at attributes, etc. –¬†in order to explore AD. Great tool but in order to search AD, I’d have to switch to LDP or ADUC or some other tool and then go back to AdsiEdit to view the objects that I found. (Of course, now I mostly search with PowerShell but I still prefer a GUI tool for actually viewing the objects/attributes I’m researching.)

So I was interested to find that Microsoft has released a free download of Active Directory Explorer 1.0, which was written by Bryce Cogswell and Mark Russinovich of SysInternals fame. Here’s the description from the tool itself:

Active Directory Explorer (AD Explorer) is an advanced Active Directory (AD) viewer and editor. You can use AD Explorer to easily navigate an AD database, define favorite locations, view object properties and attributes without having to open dialog boxes, edit permissions, view an object’s schema, and execute sophisticated searches that you can save and re-execute.

AD Explorer also includes the ability to save snapshots of an AD database for off-line viewing and comparisons. When you load a saved snapshot you can navigate and explorer it as you would a live database. If you have two snapshots of an AD database you can use AD Explorer’s comparison functionality to see what objects, attributes and security permissions changed between them.

I’m still exploring the tool, but here’s my impressions to date.

First, the visual presentation. Similar to AdsiEdit, but when you select an object on the left side of the interface, it immediately displays the populated attributes on the right side. Much quicker to use than AdsiEdit in this respect. Right-click on the object and you can view the oject’s security and attributes, as well as jump directly to the object’s schema¬†object. It doesn’t appear to show unpopulated attributes. AdsiEdit seems to win on this point – you can toggle between displaying all possible attributes and¬†only those wth values.

It also offers a history mechanism so you can backtrack through the containers and objects you’ve already visited.

Next, the¬†search capability. It’s similar to the search dialog in ADUC, but it¬†gives¬†an extensive¬†list of classes to choose from, as well as a dropdown box of the relevant attributes once you’ve selected a class.¬†More flexible than ADUC in that regard¬†but it doesn’t seem to allow you to create your own arbitrary LDAP search strings like ADUC does, nor does it seem to allow for “or” conditions, only “and” conditions. Unless I’ve missed something, that seems rather limiting.

Finally, the “snap-shot” capability. The documentation says that you can save and reload snapshots into the tool, as well as compare selected parts of two saved snapshots. Haven’t used it yet, but it looks like it might be useful in validating and documenting changes in AD.¬†Our change management folks¬†would like that. Soon as I get my test environment rebuilt, I’ll test that feature.

So my overall impression is that it’s worth further evaluation, even though it doesn’t seem to answer all my wish-list regarding search capabilities and attribute presentation. But for¬†a first version, and a free tool at that, it’s a welcome addition to the tool-kit.

out-this, out-that

I’ve been doing a lot of¬†work recently where I export data to a csv file and then open the file with Excel so I can convert it to a spreadsheet. But I’m inherently lazy so I went looking for an out-excel cmdlet or some such that would allow me to pipe data directly to Excel.¬†I found code samples of how to start Excel and how to write to cells in a worksheet, but couldn’t¬†find what¬†I wanted, so I wrote¬†an out-excel function.

The basic behavior I wanted was to be able to do something like this –
get-process | where {$_.handles -gt 500} | select name,handles,path | out-excel
and get an open workbook in Excel where the column headers were the names of the properties and where each row corresponded to an object in the pipeline.

I cobbled together some code which worked fine but then I wanted more. I knew that the convertto-html cmdlet has a -property ¬†parameter which allows you to select the specific properties you want, so I decided to add that. Now I could do something like this –
get-process | where {$_.handles -gt 500} | out-excel -pr name,handles,path

I’ve been doing a lot of ad-hoc Active Directory searching and reporting, sometimes retrieving DirectoryEntry objects and sometimes only retrieving SearchResult objects. SearchResults are odd creatures that¬†require¬†way too many keystrokes since instead of typing something nice and short like –
get-searchresults -type user,lockedout -raw | out-excel name, userprincipalname
I would have to type something like this –
get-searchresults -type user,lockedout -raw | select @{n=”Name”;e={$_.properties.name}},
¬†¬†¬†¬†@{n=”UPN”;e={$_.properties.userprincipalname}}| out-excelname

(That get-searchresults function is a tool I’ve built and added to over time to make my AD searching easier. Normally it returns DirectoryEntry objects, but the -raw switch lets it return the SearchResult objects directly. Saves time when I just need the results of the query and don’t actually need to do anything with the corresponding DirectoryEntry objects. I need to¬†write about that sometime. But did I mention that I was lazy?)

So I added a -raw¬† switch. Now I can do this –
get-searchresults -type user,lockedout -raw | out-excelname -pr name,userprincipalname -raw

The function itself is relatively straightforward.

The begin  section starts Excel, creates a workbook and initializes  two variables.

In the process section, when¬†the first object is encountered, we use the property list to write the property names in the first row. (If we weren’t provided a property list, we just build one based on the properties of the first object.) At the same time, we build a hash table so later we can look up a property name and find the corresponding column.

After this, we can process each object, enumerating the property names in our header table and writing the matching value from the object to the appropriate column. Using a hash table¬†has the advantage that we don’t have to worry about missing properties or the “ordering” of the properties in the columns.

In the end  section, we just resize all the columns to fit the data. Now we have a spreadsheet open for further analysis in Excel or that we can save for later.

Here’s the function in its entirety – out-excel