Powershell

Customizing your Powershell profile

Everytime when open a powershell, I always change the directory where my scripts reside which is C:\scripts folder. There is an easy way to accomplish this. We can save all these customization in to our profile so that when we open a session, they will get applied automatically. Some of these are below as examples;

dir $profile

(check whether it’s already been created if not create one

new-item $profile -Force

Then start putting your changes in to your profile

Add-Content -Value ‘cd c:\Scripts’ -Path $profile

Add-Content -Value ‘$host.privatedata.errorforegroundcolor=”green”‘ -Path $profile

Add-Content -Value ‘write-host “Hello Murat – Nice to see you again!” -foregroundcolor magenta’ -Path $profile

You can do a lot more but these are just a few examples..

Let’s have a looks….

profile

Advertisements
Citrix

How to Optimize XenDesktop Machines

I have taken this from Citrix website which is very useful;

To apply additional optimizations to the master virtual machine later, run the TargetOSOptimizer tool manually. On the master VDA, go to C:\Program Files\Citrix\PvsVm\TargetOSOptimizer, and run TargetOSOptimizer.exe

OPT1

OPT2

Specific Optimizations Performed by the Virtual Delivery Agent 7.x Installer

  • Disable Offline Files
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache]
    “Enabled”=dword:00000000
  • Disable Windows Autoupdate
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
    “NoAutoUpdate”=dword:00000001
    “AUOptions”=dword:00000001
    “ScheduledInstallDay”=dword:00000000
    “ScheduledInstallTime”=dword:00000003
  • Disable Defrag BootOptimizeFunction
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction]
    “Enable”=”N”
  • Disable Background Layout Service
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OptimalLayout]
    “EnableAutoLayout”=dword:00000000
  • Disable Last Access Timestamp
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
    “NtfsDisableLastAccessUpdate”=dword:00000001
  • Disable Hibernate (Windows Vista and Windows Server 2008 only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]              “Heuristics”=hex:06,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,3f,42,0f,00
  • Disable Hibernate (Windows 7 only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
    “HibernateEnabled”=dword:00000000
  • Disable Hibernate (Windows 8 and Windows 2012 only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power]
    “HibernateEnabled”=dword:00000000
  • Reduce DedicatedDumpFile DumpFileSize to 2MB
    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl]
    “DumpFileSize”=dword:00000002
    “IgnorePagefileSize”=dword:00000001
  • Disable Indexing Service
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cisvc]
    “Start”=dword:00000004
  • Disable Move to Recycle Bin
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    “NoRecycleFiles”=dword:00000001
  • Reduce Event Log Size to 64k
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]
    “MaxSize”=dword:00010000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security]
    “MaxSize”=dword:00010000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System]
    “MaxSize”=dword:00010000
  • Reduce Internet Explorer Temp File
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
    “Paths”=dword:00000004
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
    “CacheLimit”=dword:00000100
  • Disable Clear Page File at Shutdown
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]               “ClearPageFileAtShutdown”=dword:00000000
  • Disable Windows SuperFetch
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysMain]
    “Start”=dword:00000004
  •  Disable Windows Defender
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
    “Start”=dword:00000004
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    “Windows Defender”=hex(2):00
  • Disable Windows Search
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSearch]
    “Start”=dword:00000004

Additional Optimizations Available When Running the Tool Manually

  • Disable Machine Account Password Changes
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
    “DisablePasswordChange”=dword:00000001

Specific Optimizations Performed by the Virtual Delivery Agent 5.x Installer

  • Disable Windows Autoupdate
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    WindowsUpdate\Auto Update]
    “AUOptions”=dword:00000001
    “ScheduledInstallDay”=dword:00000000
    “ScheduledInstallTime”=dword:00000003
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
    “Start”=dword:00000004
  • Disable Offline Files
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache]
    “Enabled”=dword:00000000
  • Disable Disk Defragmentation BootOptimizeFunction
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction]
    “Enable”=”N”
  • Disable Background Layout Service
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    OptimalLayout]
    “EnableAutoLayout”=dword:00000000
  • Disable System Restore (Windows XP and Windows Server 2003 Only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr]
    “Start”=dword:00000004
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice]
    “Start”=dword:0000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    “DisableSR”=dword:00000001
  • Disable Last Access Time Stamp
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
    “NtfsDisableLastAccessUpdate”=dword:00000001
  • Disable Hibernate
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
    Various keys and values are set according to the version of Windows detected.
  • Disable CrashDump
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
    “CrashDumpEnabled”=dword:00000000
    “LogEvent”=dword:00000000
    “SendAlert”=dword:00000000
  • Disable Indexing Service
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cisvc]
    “Start”=dword:00000004
  • Reduce Event Log File Size to 64 kb
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
    Application]
    “MaxSize”=dword:00010000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
    Security]
    “MaxSize”=dword:00010000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
    System]
    “MaxSize”=dword:00010000
  • Reduce Internet Explorer Temporary File Cache
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
    “CacheLimit”=dword:00000400 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
    “CacheLimit”=dword:00000400 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
    “CacheLimit”=dword:00000400
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Internet Settings\Cache\Paths]
    “Paths”=dword:00000004
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Internet Settings\Cache\Paths\path1]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Internet Settings\Cache\Paths\path2]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Internet Settings\Cache\Paths\path3]
    “CacheLimit”=dword:00000100
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Internet Settings\Cache\Paths\path4]
    “CacheLimit”=dword:00000100
  • Disable Clear Page File at Shutdown
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
    “ClearPageFileAtShutdown”=dword:00000000
  • Disable Superfetch (Windows Vista and Windows 7 Only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysMain]
    “Start”=dword:00000004
  • Disable Windows Defender (Windows Vista and Windows 7 Only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
    “Start”=dword:00000004
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Run]
    “Windows Defender”=hex(2):00
  • Disable Windows Search (Windows Vista and Windows 7 Only)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSearch]
    “Start”=dword:00000004
  • Disable Scheduled Disk Defragmentation (Windows Vista and Windows 7 Only)
    Programmatic optimization.

Additional Optimizations Available When Running the Tool Manually

  • Disable Move to Recycle Bin (Windows XP)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Explorer\BitBucket]
    “UseGlobalSettings”=dword:00000001
    “NukeOnDelete”=dword:00000001
  • Disable Move to Recycle Bin (Windows Vista and Windows 7)
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    “NoRecycleFiles”=dword:00000001
  • Disable Machine Account Password Changes
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\
    Parameters]
    “DisablePasswordChange”=dword:00000001
  • Disable UDP Checksum Offload (Only When a Broadcom NIC Is Detected)
    Programmatic optimization.
Server 2019, Training

What is new in Server 2019

Microsoft Announced Windows Server 2019 LTSC Insider Preview Build 17623 on March 20th, 2018.

In Server 2019 LTSC you can choose the Desktop Experience and Core, while the Windows Server vNext Semi-Annual is Core only.

Long Term Servicing Channel (LTSC), with 10 years of support and a release every three years

Semi-Annual Channel (SAC) with 18 months of support and a release every six months.

Depending on your licensing you will get these options available to you.

In Build 17623

  • In-place OS Upgrade (from Windows Server 2012 R2, Windows Server 2016)
    Application compatibility
  • Extending your Clusters with “Cluster Sets”
  • Windows Defender Advanced Threat Protection
  • Windows Defender ATP Exploit Guard
  • Failover Cluster removing use of NTLM authentication
  • Shielded virtual machines: Offline mode, Alternate HGS, VMConnect and Shielded Linux support
  • Encrypted Network in SDN
  • Performance history for Storage Spaces Direct

So you want to test and give feedback to Microsoft, just follow the links below;

Registerhttps://insider.windows.com/en-us/for-business-getting-started-server

Downloadhttps://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver

NOTE:

Windows Server 2019 LTSC Build 17623 is available in ISO format in 18 languages. This build and all future pre-release builds will require use of activation keys during setup. The following keys allow for unlimited activations:

Datacenter Edition – 6XBNX-4JQGW-QX6QG-74P76-72V67
Standard Edition – MFY9F-XBN2F-TYFMP-CCV49-RMYVH

Windows Server vNext Semi-Annual Build 17623 The Server Core Edition is available in English only, in ISO or VHDX format. The images are pre-keyed – no need to enter a key during setup.

 

Cloud Computing, Containers, Hyper-V, Microsoft Azure, Nano Server, Networking / Infrastructure, Server 2019, Virtualization

Server 2019 is now available in preview

2019

Windows Server 2019 is built on the strong foundation of Windows Server 2016 and it is focusing on four themes were consistent – Hybrid, Security, Application Platform, and Hyper-converged infrastructure. Most people reckon Microsoft is pushing every customer in to Cloud slowly and we soon see no more option but moving to cloud. They will do this making costly staying on prem and starting with this edition they put their prices up.

Hybrid Cloud: This is the most common scenario for many companies , a hybrid approach, one that combines on-premises and cloud environments working together. Extending Active Directory, synchronizing file servers, and backup in the cloud are just a few examples of what companies are already doing today to extend their datacenters to the public cloud. In addition, a hybrid approach also allows for apps running on-premises to take advantage of innovation in the cloud such as Artificial Intelligence and IoT. Microsoft also introduced Project Honolulu in 2017 and this will be a one-stop management tool for IT pros.

Security: Microsoft’s approach to security is three-fold – Protect, Detect and Respond.
On the Protect front, They introduced Shielded VMs in Windows Server 2016, which was enthusiastically received by our customers. Shielded VMs protect virtual machines (VM) from compromised or malicious administrators in the fabric so only VM admins can access it on known, healthy, and attested guarded fabric. In Windows Server 2019, Shielded VMs will now support Linux VMs. They are also extending VMConnect to improve troubleshooting of Shielded VMs for Windows Server and Linux. They are adding Encrypted Networks that will let admins encrypt network segments, with a flip of a switch to protect the network layer between servers.

On the Detect and Respond front, in Windows Server 2019, they are embedding Windows Defender Advanced Threat Protection (ATP) that provides preventative protection, detects attacks and zero-day exploits among other capabilities, into the operating system. This gives companies access to deep kernel and memory sensors, improving performance and anti-tampering, and enabling response actions on server machines.

Application Platform: Microsoft focuses on the developer experience. Two key aspects to call out for the developer community are improvements to Windows Server containers and Windows Subsystem on Linux (WSL).

 In Windows Server 2019, Microsoft’s goal is to reduce the Server Core base container image to a third of its current size of 5 GB. This will reduce download time of the image by 72%, further optimizing the development time and performance.

They are also continuing to improve the choices available when it comes to orchestrating Windows Server container deployments. Kubernetes support is currently in beta, and in Windows Server 2019, they are introducing significant improvements to compute, storage, and networking components of a Kubernetes cluster.

Another improvement is that they previously extended Windows Subsystem on Linux (WSL) into insider builds for Windows Server, so that customers can run Linux containers side-by-side with Windows containers on a Windows Server. In Windows Server 2019, they are continuing to improve WSL, helping Linux users bring their scripts to Windows while using industry standards like OpenSSH, Curl & Tar.

Hyper-converged infrastructure (HCI): HCI is one of the latest trends in the server industry today. They partnered with industry leading hardware vendors to provide an affordable and yet extremely robust HCI solution with validated design. In Windows Server 2019 they are building on this platform by adding scale, performance, and reliability. They are also adding the ability to manage HCI deployments in Project Honolulu, to simplify the management and day-to-day activities on HCI environments.

Containers, Docker, Hyper-V, Nano Server, Powershell, Server 2016

More about Containers …

I have found this article in GitHub site really nice and easy to understand. I think more and more people need to understand the terminology first and it is crucial. Containers will be compared to Virtual Machines but there are lots of differences…


  • Containers are about Software!
  • Traditionally we use the following process to run software:
    • Find the software, usually a standalone web site.
    • Download the software, usually a zip file or some sort of installer.
    • Then we install the software, often extracting a zip file or running an installer.
    • Then we run the installed software.
  • You can learn alot about containers by relating them to the process above. Here’s what it looks like to run software with containers:
    • Find the software, on Docker Hub.
    • Download the software with docker pull, comes down as an image which is much like a zip file or msi installer. An image is an application packaging format.
    • Instead of installing the software, we create a container. So, a container–a stopped container–is like installed software. Docker unpacks the image onto the computer, creating a container. Note: if you just want to create a container, you can use docker create.
    • Then we run the container which is exactly like running an exe. It’s the same thing under the covers!!!
    • We often use docker run to orchestrate all of these steps with one command, how convenient!
  • docker exec can be thought of as running another copy of our installed software, like when we launch an executable twice. For example, two copies of Microsoft Word. Or with MongoDB, we might run two mongo clients. After a container is created and running, we can use docker exec to run multiple applications, or multiple copies of the same app, inside the container.

 

Containers, Docker, Hyper-V, Nano Server, Server 2016

Windows Containers on Windows Server 2016

I am running these on Windows 10 Pro and I have got Hyper-V feature enabled. Created a few VMs on this hyper-v host.

Prerequisites: One computer system (physical or virtual) running Windows Server 2016.

Critical updates are needed in order for the Windows Container feature to function. Please install all updates before working through this tutorial.

To install Docker we’ll use the OneGet provider PowerShell module which works with providers to perform the installation, in this case the MicrosoftDockerProvider. The provider enables the containers feature on your machine. You also install Docker which requires a reboot. Docker is required in order to work with Windows containers. It consists of the Docker Engine and the Docker client.+

Fist I have enabled Containers Feature on my server going in to Add Roles and Features

Capture99

Capture

Then run a PowerShell command prompt as an administrator;

First, install the Docker-Microsoft PackageManagement Provider from the PowerShell Gallery.

Install-Module -Name DockerMsftProvider -Repository PSGallery -Force

Capture3

Secondly you use the PackageManagement PowerShell module to install the latest version of Docker.

Install-Package -Name docker -ProviderName DockerMsftProvider

Capture4

This indicates we need KB3176936 to be installed on my server. I will use Windows Updates to bring my server up-to-date.

Capture5

Capture6

Looks like we are good to carry on, I will run the same command one more time to see if it is going to run…

Capture7

All good so far. And run Restart-Computer -Force to restart to complete configurations.

Just to check the installed version….

Capture8

I downloaded a pre-created .NET sample image from the Docker Hub registry and deploy a simple container running a .Net Hello World application.

Use docker run to deploy the .Net container. This will also download the container image which may take a few minutes.

docker run microsoft/dotnet-samples:dotnetapp-nanoserver

Capture9

I had to start Docker service after my reboot otherwise I get the error in the image..

Start-Service Docker

Once all the downloads completed…..

Capture9F

There you have it.

General, Licensing

OFFICE 365 Licensing – Enterprise

Office 365 Enterprise E1

This entry level version of Microsoft’s software is the least expensive of the plans, at £6 per month per user. Your users must have an Internet connection to use E1 because this version does not include installed versions of the applications.

If your organization has people working out in the field, relying on tablet computers or smartphones to do their work, E1 is not for you because it does not install applications on mobile devices either. You do get online versions of familiar Office products, such as Excel, PowerPoint and Word. Each user gets 1 TB for storing and sharing data, as well as 50 GB per inbox with Microsoft’s business-class email, calendar and contacts.

Office 365 Enterprise E3

Microsoft’s midrange plan costs £17.60 per month per user. The main benefit here over the less expensive E1 and ProPlus plans is that this includes fully installed Office applications: Excel, Word, PowerPoint, Outlook, Publisher, OneNote as well as Skype for Business.

You can install these applications on as many as five PCs or Macs and on up to 5 mobile phones and 5 tablets per user. Being a cloud services solution, there are also online versions of Excel, Word and PowerPoint and other Office apps, so your users will not have to rely on devices with software already installed.

Office 365 Enterprise E5

For maximum flexibility and horsepower, you’ll want to go with the E5 plan. It costs £30.80 per month per user. In addition to a full installation of all Office applications on users’ devices, you gain access to advanced security to protect your organization’s data against heretofore unseen malware and viruses, with additional protection against zero-day exploits.

E5 is the only plan that includes analytics tools. It is also the sole version that enables PSTN conferencing to facilitate Skype for Business meetings by letting participants connect over mobile phones or landlines. For companies that require more communications options, E5 also includes cloud PBX services to give you cloud-based call management (placing, receiving and transferring calls on multiple devices).

Office 365 ProPlus

The ProPlus version of Office 365 requires a monthly fee of £11.50, making it a suitable compromise between the E1 and E3 plans in terms of price. The main distinction here is that ProPlus has enterprise features but no email.

If your organization already has a preferred client for email or relies on webmail, this may be the best plan for you from a budget perspective. Likewise, if you already have an employee portal or dashboard in place, you won’t miss the fact that Office 365 ProPlus lacks an intranet site, corporate social networking or a corporate video portal. Companies that need advanced security or analytics tools should skip ProPlus and go with the E5 solution.

Office365