After you have installed the help documentation locally, you may need to update the documentation. You can use the Update-Help cmdlet to retrieve help documentation from the Microsoft website and update it locally to a single computer, or list of computers.
Using Windows PowerShell Modules
Windows PowerShell is designed to be extensible. Adding new cmdlets and functions in Windows PowerShell can be accomplished by using modules.Note: In earlier versions of Windows PowerShell, extensibility was provided by using snap-ins. For backward compatibility, Windows PowerShell continues to support snap-ins.
Windows PowerShell uses the Microsoft.PowerShell.Management module, which provides basic
functionality. When you install additional roles on a server, additional Windows PowerShell modules are installed and automatically imported. This means they are ready for use. In Windows Server 2008 R2 and earlier versions, you had to manually import the management modules for specific roles into your Windows PowerShell session before you were able to use them. For example, you install the Microsoft Hyper-V® Role and the Hyper-V module for Windows PowerShell. To manage Hyper-V from Windows
PowerShell in Windows Server 2008 R2 and earlier, you must import the Hyper-V module into the Windows PowerShell session. To import the Hyper-V module, run the following command: Import-Module Hyper-V
MCT USE ONL
Y. STUDENT USE PROHIBITED
Upgrading Your Skills to MCSA Windows Server® 2012 2-9
Run the following command to list all modules that are imported: Get-Module
It is not always necessary to manually import modules on computers running Windows Server 2012 and newer. Whenever a new role is installed, the Windows PowerShell modules for that role are automatically added to the computer in which you start a Windows PowerShell session. However, if you are opening a Windows PowerShell session to manage a server remotely, you must import the modules you intend to use on the remote computer.
There are two basic module types:
• Binary. A binary module is created by using the .NET Framework and is frequently provided with a product to provide Windows PowerShell support. Binary modules frequently add cmdlets that consists of noun or subject types that are newly created in the AD DS schema to support the product. An example is the New-Mailbox cmdlet of Exchange Server 2010.
• Script. A script module is composed of Windows PowerShell cmdlets that already exist in the environment. These scripts can provide additional functions and variables to automate repetitive or tedious tasks. You may want to create your own module that includes functions or variables specific to your environment as a timesaving or configuration-management measure.
Additional Reading: For more information about Windows PowerShell modules, see “Windows PowerShell Modules” by visiting the following link:
http://go.microsoft.com/fwlink/?linkID=270852
What Is Windows PowerShell Remoting?
The purpose of Windows PowerShell remoting isto connect to remote computers, to run
commands on those computers, and to direct the results back to your local computer. This enables single-seat administration, or the ability to manage the computers on the network from the client computer, instead of having to physically visit each computer. A key goal of Windows PowerShell remoting is to enable batch
administration, which lets you run commands on an entire set of remote computers concurrently. There are three main ways to use remoting:
• One-to-One remoting. In this scenario, you connect to a single remote computer and run shell commands on it, exactly as if you had logged into the console and opened a Windows PowerShell window.
• One-to-Many remoting. In this scenario, you issue a command that will be executed on one or more remote computers in parallel. You are not working with each remote computer interactively. Instead, your commands are issued and executed in a batch and the results are returned to your computer for your use.
MCT USE ONL
Y. STUDENT USE PROHIBITED
2-10 Managing Windows Server 2012 by Using Windows PowerShell
• Many-to-One remoting. In this scenario, multiple administrators make remote connections to a single computer. Typically, those administrators will have different permissions on the remote computer and might be working in a restricted runspace within the shell. This scenario usually requires custom development of the restricted runspace, and it will not be covered further in this course.
Remoting requires that you have both Windows PowerShell and Windows Remote Management (WinRM) utilities on your local computer, and on any remote computers to which you want to connect. WinRM is a Microsoft implementation of Web Services for Management, or WS-MAN, which is a set of protocols that is widely adopted across different operating systems.
As their names imply, WS-MAN and WinRM use web-based protocols. A benefit of these protocols is that they use a single, definable port. This makes them easier to pass through firewalls than earlier protocols that randomly selected a port. WinRM communicates by using the Hypertext Transfer Protocol (HTTP). By default, WinRM and Windows PowerShell remoting uses TCP port 5985 for incoming connections that are not encrypted and TCP port 5986 for incoming encrypted connections.
Applications that use WinRM, such as Windows PowerShell, can also apply their own encryption to the data that is passed to the WinRM service. WinRM supports authentication and, by default, uses the Active Directory native Kerberos protocol in a domain environment. Kerberos does not pass credentials over the network, and it supports mutual authentication to ensure that incoming connections are coming from valid computers.
Establishing a One-to-One remoting session by using Windows PowerShell ISE is performed by clicking the New Remote PowerShell tab on the File menu. You also can establish a remote Windows PowerShell session by using the Enter-PSSession cmdlet. For example, to open a Remote PowerShell session on a computer named LON-SVR2, you use the following syntax:
Enter-PSSession –ComputerName LON-SVR2
One-to-Many remoting is primarily performed by using the Invoke-Command cmdlet. To run the Get-
EventLog cmdlet against the computers named LON-SVR1 and LON-SVR2, use the following command:
Invoke-Command -ScriptBlock { Get-EventLog System -Newest 5 } -Computername LON-SVR1, LON- SVR2
Note: Unlike in earlier versions, Windows Server 2012 and newer has Windows PowerShell remoting and WinRM enabled by default.
What Are the New Features in Windows PowerShell?
Windows PowerShell has new features thatfacilitate managing larger groups of servers through better scaling, additional functionality, and better management. Windows PowerShell 3.0 includes the following new features:
• Windows PowerShell Workflow. This enables coordination of complex parallel and sequenced commands.
• Windows PowerShell Web Access. This feature enables encrypted and authenticated access to Windows PowerShell by using a web browser on any device.
MCT USE ONL
Y. STUDENT USE PROHIBITED
Upgrading Your Skills to MCSA Windows Server® 2012 2-11
• Scheduled Jobs. This feature enables scheduling of Windows PowerShell commands and scripts to automatically run administrative tasks.
• Enhanced Online Help. You can download the latest Help files from Microsoft by using the
Update-Help cmdlet and view the latest help online. This guarantees you are getting the latest
information about how to use Windows PowerShell.
• Windows PowerShell ISE IntelliSense. Windows PowerShell ISE provides hints for cmdlets, including valid parameters that make it easier to use Windows PowerShell than in the past.
• Robust Session Connectivity. These connections enable you to connect to a remote server, and if connectivity is lost or you intentionally disconnect, you can resume the connection at the point it was disconnected. Previously, if connection to a session was lost, all the session data, variables, and command history would also be lost.
• Management of Roles and Features. You can manage most roles and features available in Windows Server 2012 by using a set of cmdlets specific to the role or feature. Furthermore, you can list, install, or remove roles and features by using the Get-WindowsOptionalFeature,
Add-WindowsOptionalFeature, and Remove-WindowsOptionalFeature cmdlets.
Windows Server 2102 R2 ships with a newer version of Windows PowerShell, that is, Windows PowerShell 4.0. This version has several new features, including:
• The Save-Help cmdlet. As mentioned in an earlier topic, you can use this cmdlet to download help documentation from the Microsoft website to the local computer.
• Windows PowerShell Desired State Configuration (DSC). DSC is a management system that you can use to deploy and manage configuration data for software deployed on any computer running Windows PowerShell 4.0. For instance, you can use DSC to ensure that a given website is present on a server, or that a given folder is not available on another server.
Additional Reading: For more information about Windows PowerShell DSC, see “Get Started with Windows PowerShell Desired State Configuration” by visiting the following link: http://go.microsoft.com/fwlink/?LinkID=331440
• Execution Policy. The default execution policy for computers running Windows Sever 2012 R2 is RemoteSigned.
• Extra functionality. The following cmdlets have new parameters or changed functionality:
o Register-ScheduledJob and Set-ScheduledJob. These cmdlets now have a parameter named RunNow that you can use to start the job immediately without the use of the Trigger parameter. o Invoke-RestMethod and Invoke-WebRequest. The Header parameter has been implemented.
This parameter existed before, but always threw an exception when used.
o Get-Module. This cmdlet now has a parameter named FullyQualifiedName, which you can use to specify a fully qualified name for a module, including name, version, and GUID.
o New-JobTrigger and Set-JobTrigger. These cmdlets now have a parameter named RepeatIndefinitely that you can use to repeat the job for an indefinite period.
o Enable-JobTrigger and Disable-JobTrigger. These cmdlets now have a parameter named Pssthru, which you can use to display all objects that are modified by the cmdlet executed. o Add-Computer and Remove-Computer. These cmdlets now use the same parameter, that is,
MCT USE ONL
Y. STUDENT USE PROHIBITED
2-12 Managing Windows Server 2012 by Using Windows PowerShell
o Get-Process. This cmdlet now has a parameter named IncludeUserName that you can use to display the user name on each process retrieved.
o Get-FileHash. This is a new cmdlet that you can use to retrieve the hash value of a file. Additional Reading: For more information on new features of Windows PowerShell, see “What's New in Windows PowerShell” by visiting the following link:
MCT USE ONL
Y. STUDENT USE PROHIBITED
Upgrading Your Skills to MCSA Windows Server® 2012 2-13