Search results for 'app:weblogs' matching tags 'scripting techniques', 'guest blogger', and 'regular expressions'

Use PowerShell to Move Computers Based on IP Addresses: Part 2

Anonymous — Sun, 04 Dec 2011 06:00:00 GMT

Summary: In this blog, Eric Wright revises his script by using Active Directory cmdlets to move computers that are organized in Active Directory, based on their IP addresses.

Microsoft Scripting Guy, Ed Wilson, is here. In today’s post, guest blogger, Eric Wright, reprises yesterday’s post to use the Windows Active Directory module cmdlets. Here is a bit about Eric.

I am a systems architect and blogger, and I work with Microsoft tools, Windows PowerShell, virtualization, and various web technologies. I’m a big fan of automation and scripting to simplify and enhance systems administration.
Contact information:
Website: DiscoPosse—Using the chicken to measure IT
Twitter: http://www.twitter.com/discoposse
LinkedIn: http://ca.linkedin.com/pub/eric-wright/3/7b4/bb6

Note: This script requires Active Directory domain controllers with Windows Server 2008 R2 or the Active Directory Management Gateway Service. For more information about installing the gateway service, see the Hey, Scripting Guy! Blog Install Active Directory Management Service for Easy PowerShell Access. With Windows Server 2008 R2, you can use the native Active Directory PowerShell module. If you are running an earlier version of Windows Server on your domain controllers, or if you do not have the Active Directory Management Gateway Service installed, you can use the process that I documented yesterday in part 1, which uses the Windows PowerShell snap-in, Quest ActiveRoles.

In my organization, I have chosen to organize my Active Directory (AD) organizational unit (OU) structure based on physical locations. A common challenge is that our technical support team does not always move computer accounts into the proper structure in Active Directory. Another issue is that computers may not be deleted from the domain when they are decommissioned. This confuses other processes that use Active Directory as their authoritative source for computer object information.

To tackle this issue, I created a Windows PowerShell script that runs as a batch process and will move the computer objects into OUs based on their IP addresses.

In my example, I am looking for only Windows 7 computers, but this can be flavored to match any selection criteria you need. The structure of the script is to do the following:

Check the operating system for Windows 7 (any version).
Check to see if the computer has been off the domain.
If the computer has been off the network for 60 days, move it to a “Disabled” OU.
If the computer has been off the network for 90 days, delete it.
Check for the last DNS registration of the computer, and move it to an OU based on its IP information.

We also need to define the IP subnets and the OU structure so that we can match the computer object’s IP information and move it to its correct location in AD.

First, we load the ActiveDirectory module as follows:

Import-Module ActiveDirectory

Next, we want to define two parameters for the age of the computers. I call these $old and $veryold, and for my example, I have set them as 60 days and 90 days respectively. You can adjust these easily to suit your needs.

$old = (Get-Date).AddDays(-60) # Modify the -60 to match your threshold

$veryold = (Get-Date).AddDays(-90) # Modify the -90 to match your threshold

Now the fun part! Because we will capture the IP information as a string and not an integer, this makes it a bit more challenging to figure out what subnet we are in. This example has three subnets, which are 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24. I have chosen class C subnets for this script to match my structure, but you may have to get more creative if you have a more complex network configuration.

We will define our IP range variables as Regular Expressions (or Regex as they are commonly known) so that we can match the characters appropriately. Sorry kids, but it is goodbye GUI and hello Regex for this stuff.

$Site1IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:1)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.1.0/24

$Site2IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:2)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.2.0/24

$Site3IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:3)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.3.0/24

I know you are probably thinking it is time to just retrain the support staff to do this, right? Do not be frightened away just yet. Regex is easier than you may think once you use it more and can break it down into sensible chunks. It is as simple as reading a map (OK, that is not always simple).

Here Be Regex Dragons!

The key information we see is pretty readable. Because we know the first three octets are static we define them easily, as follows:

“\b(?:(?:192)\.)” + “\b(?:(?:168)\.)” + “\b(?:(?:1)\.)”

This shows us matching as 192.168.1., which takes care of the first three octets. Because it is a class C IP range, we want to capture from 0-255 in the fourth octet, which is done like this:

“\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))”

We read the string and look for matching of three distinct ranges, which are 0-199, 200-249, or 250-255. The OR is the important part of the phrasing, and it is represented by the | symbol, which is known as the “pipe” symbol to most.

Here is the breakdown of those three ranges:

250-255: 25[0-5]

200-249: 2[0-4][0-9]

0-199: [01]?[0-9][0-9]?

OK, we are through the tough part. Now we define the OU structure for the Disabled and the three locations:

$DisabledDN = "OU=Disabled,DC=yourdomain,DC=com"

$Site1DN = "OU=Site1,DC=yourdomain,DC=com"

$Site2DN = "OU=Site2,DC=yourdomain,DC=com"

$Site3DN = "OU=Site3,DC=yourdomain,DC=com"

This is where we begin the object query. Because we want to find out how “old” the computer account is, we will bring in the PasswordLastSet property from Active Directory, in addition to the default values. (Note that the native Microsoft parameter uses PasswordLastSet, whereas the Quest ActiveRoles parameter in yesterday's blog uses pwdLastSet.) This will tell us the last time the hidden password that is negotiated between the computer account and Active Directory has been reset. The default maximum duration is 30 days, so as long as a computer is connecting to the domain regularly it, should always be less than 30 days old.

If you want to modify the operating systems that get captured, you simply change the selection parameters of the Get-ADComputer query as shown here:

Get-ADComputer -Filter { OperatingSystem -like "Windows 7*" } -Properties PasswordLastSet | ForEach-Object {THE REST OF OUR SCRIPT GOES IN HERE }

Our script will query AD for each Computer object, and we will run the next bunch of processes against each object in the ForEach-Object loop. All of the following content is stored inside the curly brackets.

Let’s ignore any failure messages from the IP lookup with this:

trap [System.Net.Sockets.SocketException] { continue; }

We need to use the Computer name, DN, and PasswordLastSet so let’s set those as variables from the query result. We also want to capture the current container, so we use a simple Replace command to derive the current OU location:

$ComputerName = $_.Name

$ComputerDN = $_.DN

$ComputerPasswordLastSet = $_.PasswordLastSet

$ComputerContainer = $ComputerDN.Replace( "CN=$ComputerName," , "")

Now we can work with the Computer account age and delete or move them as necessary:

# If the computer is more than 90 days off the network, remove the computer object

if ($ComputerPasswordLastSet -le $veryold) {

Remove-ADObject -Identity $ComputerDN

}

# Check to see if it is an "old" computer account and move it to the Disabled\Computers OU

if ($ComputerPasswordLastSet -le $old) {

$DestinationDN = $DisabledDN

Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN

}

Next, we query DNS for the IP address of the computer. We will set the $IP value as $NULL first, so that if the query fails it will be dealt with correctly later in the process. If we don’t set the NULL value, it retains the IP from the last lookup, and it will move the computer incorrectly.

$IP = $NULL

$IP = [System.Net.Dns]::GetHostAddresses("$ComputerName")

Now it is time to check for the IP range to set the destination DN accordingly. If you have a majority of systems in some network ranges, you may want to move those up to the top of the If statement so that they are processed early, which will save some time:

if ($IP -match $Site1IPRange) {

$DestinationDN = $Site1DN

}

ElseIf ($IP -match $Site2IPRange) {

$DestinationDN = $Site2DN

}

ElseIf ($IP -match $Site3IPRange) {

$DestinationDN = $Site3DN

}

Else {

# If the subnet does not match we should not move the computer so we do Nothing

$DestinationDN = $ComputerContainer

}

And here is the last step to actually move the object to the new destination OU. This is where our NULL IP comes into play because we have assumed that if the IP is NULL, it is “off network” and the aged account process has already dealt with it:

if ($IP -ne $NULL) {

Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN

}

And we made it! Another exciting tip with this script is you can run all of the ADObject cmdlets with the WhatIf parameter, which will output the result to the screen rather than perform the move or delete, so you can test drive the script before you implement it.

Here is this script in its full form from the TechNet Resources Gallery.

Thank you, Eric. This has been a great series. I appreciate you taking the time to share your knowledge with us.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy

Use PowerShell to Move Computers Based on IP Addresses: Part 1

Anonymous — Sat, 03 Dec 2011 06:00:00 GMT

Summary: In this guest blog post written by Eric Wright, you will learn how to use the Windows PowerShell snap-in, Quest ActiveRoles, to move computers that are organized in Active Directory, based on their IP addresses.

Microsoft Scripting Guy, Ed Wilson, is here. Guest Blogger Weekend continues. Today we have a guest blog written by Eric Wright. Here is what Eric has to say about himself.

Note: This script uses the Windows PowerShell snap-in, Quest ActiveRoles. This process will work with any version of Windows Server, but you must use Quest ActiveRoles if you are running a version earlier than Windows Server 2008 R2 on your domain controllers. Tomorrow in Part 2 of this blog, I document the exact process, but we use Active Directory domain controllers with Windows Server 2008 R2 or the Active Directory Management Gateway Service.

To tackle this issue, I created a Windows PowerShell script that runs as a batch process and will move the computer objects into OUs based on their IP addresses.

In my example, I am looking for only Windows 7 computers, but this can be flavored to match any selection criteria you need. The structure of the script is to do the following:

Check the operating system for Windows 7 (any version).
Check to see if the computer has been off the domain.
If the computer has been off the network for 60 days, move it to a “Disabled” OU.
If the computer has been off the network for 90 days, delete it.
Check for the last DNS registration of the computer, and move it to an OU based on its IP information.

For our script to work, we need to have the Windows PowerShell snap-in, Quest ActiveRoles, installed on the computer that will be running the script for us.

If you are running Active Directory Domain Controllers with Windows Server 2008 R2, you can use the native ActiveDirectory Windows PowerShell module. I will post the script for using the Windows Server 2008 R2 module tomorrow in part 2 of this series.

We will also need to define the IP subnets and the OU structure so that we can match the computer object’s IP information and move it to its correct location in AD.

First we load the Quest ActiveRoles snap-in as shown here:

Add-PsSnapIn Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue

$old = (Get-Date).AddDays(-60) # Modify the -60 to match your threshold

$veryold = (Get-Date).AddDays(-90) # Modify the -90 to match your threshold

Now the fun part! Because will capture the IP information as a string and not as an integer, this makes it a bit more challenging to figure out what subnet we are in. This example has three subnets: 192.168.1.0/24, 192.168.2.0/24, and 192.168.3.0/24. I have chosen class C subnets for this script to match my structure, but you may have to get more creative if you have a more complex network configuration.

We will define our IP range variables as regular expressions (or Regex as they are commonly known), so that we can match the characters appropriately. Sorry kids, but it is goodbye GUI and hello Regex for this stuff.

$Site1IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:1)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.1.0/24

$Site2IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:2)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.2.0/24

$Site3IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:3)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.3.0/24

Here Be Regex Dragons!

The key information we see here is pretty readable. Because we know the first three octets are static, we define them easily, as follows:

“\b(?:(?:192)\.)” + “\b(?:(?:168)\.)” + “\b(?:(?:1)\.)”

This shows us matching as 192.168.1., which takes care of the first three octets. Because it is a class C IP range, we want to capture from 0-255 in the fourth octet, which is done like this:

“\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))”

Here is the breakdown of those three ranges:

250-255: 25[0-5]

200-249: 2[0-4][0-9]

0-199: [01]?[0-9][0-9]?

OK, we are through the tough part. Now we define the OU structure for the Disabled and the three locations:

$DisabledDN = "OU=Disabled,DC=yourdomain,DC=com"

$Site1DN = "OU=Site1,DC=yourdomain,DC=com"

$Site2DN = "OU=Site2,DC=yourdomain,DC=com"

$Site3DN = "OU=Site3,DC=yourdomain,DC=com"

This is where we begin the object query. Because we want to find out how “old” the computer account is, we will bring in the pwdLastSet property from Active Directory, in addition to the default values. (Note that the Quest ActiveRoles parameter uses pwdLastSet, whereas the native Microsoft parameter in tomorrow’s blog uses PasswordLastSet.) This will tell us the last time the hidden password that is negotiated between the computer account and Active Directory has been reset. The default maximum duration is 30 days, so as long as a computer is connecting to the domain regularly, it should always be less than 30 days old.

If you want to modify the operating systems that get captured, you simply change the selection parameters of the Get-QADComputer query as shown here:

Get-QADComputer -ComputerRole member -IncludedProperties pwdLastSet -SizeLimit 0 -OSName 'Windows 7*' | ForEach-Object { THE REST OF OUR SCRIPT GOES IN HERE }

Let’s ignore any failure messages from the IP lookup with this:

trap [System.Net.Sockets.SocketException] { continue; }

We need to use the Computer name, DN, and pwdLastSet, so let’s set those as variables from the query result. We also want to capture the current container, so we use a simple Replace command to derive the current OU location:

$ComputerName = $_.Name

$ComputerDN = $_.DN

$ComputerPasswordLastSet = $_.pwdLastSet

$ComputerContainer = $ComputerDN.Replace( "CN=$ComputerName," , "")

Now we can work with the Computer account age and delete or move them as necessary:

# If the computer is more than 90 days off the network, remove the computer object

if ($ComputerPasswordLastSet -le $veryold) {

Remove-QADObject -Identity $ComputerDN

}

# Check to see if it is an "old" computer account and move it to the Disabled\Computers OU

if ($ComputerPasswordLastSet -le $old) {

$DestinationDN = $DisabledDN

Move-QADObject -Identity $ComputerDN -NewParentContainer $DestinationDN

}

Next, we query DNS for the IP address of the computer. We will set the $IP value as $NULL first, so that if the query fails, it will be dealt with correctly later in the process. If we don’t set the NULL value, it retains the IP from the last lookup, and it will move the computer incorrectly.

$IP = $NULL

$IP = [System.Net.Dns]::GetHostAddresses("$ComputerName")

if ($IP -match $Site1IPRange) {

$DestinationDN = $Site1DN

}

ElseIf ($IP -match $Site2IPRange) {

$DestinationDN = $Site2DN

}

ElseIf ($IP -match $Site3IPRange) {

$DestinationDN = $Site3DN

}

Else {

# If the subnet does not match we should not move the computer so we do nothing

$DestinationDN = $ComputerContainer

}

Let’s do a health check on our IP selection:

if ($IP -ne $NULL) {

Move-QADObject -Identity $ComputerDN -NewParentContainer $DestinationDN

}

And we made it! Another exciting tip with this script is that you can run all of the QADObject cmdlets with the WhatIf parameter, which will output the result to the screen rather than perform the move or delete, so you can test drive the script before you implement it.

You can download the script in its full form from the TechNet Resources Gallery.

~Eric

Thank you, Eric. This is a really cool solution to a rather common problem. I am looking forward to part 2 tomorrow from Eric.

Ed Wilson, Microsoft Scripting Guy

Use PowerShell and Regular Expressions to Parse Handle Output

Anonymous — Fri, 16 Sep 2011 05:00:00 GMT

Summary: Windows PowerShell superhero BATCHman uses regular expressions to parse output from handle.

Microsoft Scripting Guy Ed Wilson here. Today we have Episode 10 of the BATCHman series.

Whenever trouble happens in systems and people will call,
and darkness rolls out causing your fall,
Creatures of bits roam in the night,
Shine to the sky, the bright bluish light,

and call to…BATCHman !

…and, oh yes, his sidekick Boy Blunder Cmdlet, too.

A smell rolls out from the darkness. An evil smell.

“Don’t look at me!” Cmdlet looks defensively “I didn’t do it!”

The BATCHman looks intensely at his “BATCH-o-Meter for Evil Detecting.” “No, little buddy, it’s the smell of evil afoot. Somewhere in this city, a crime against infrastructure is occurring. I can feel it, I can smell it…”

***Meanwhile, in a far smellier section of the city, evil is afoot at the Redmond Pocket Protector Recycling Plant.***

“Our backup has failed again! Why??!”

Jane the local IT pro/accountant/phone guru/everything else stares at the logs. “More than 3,000 files not backed up again! All Word and Excel documents! Why?!!”

In the distance, somewhere within the shadows, a mad cackle can be heard. The sound of a shrieking creature, perhaps a Banshee or just a squirrel that listened to a bit too much disco music. But a horrid sound echoed throughout the building.

“Your files are all MINE! MIIIIIIINNNNNEEEE!!! Your backup will never work again! Hee-hee-hee-hee!” the sound echoed ominously.

Out of the corner of her eye, Jane spotted a shadow slither into the darkness. Immediately, she knew what to do. Grabbing her smart phone and popping open Twitter, she pinged the one person that could help her in this dire hour.

***Meanwhile, in a far less smelly section of the city, evil is not afoot.***

Sounds of a budgie echoed throughout the BATCHcave.

“Holy shrieking parakeets, BATCHman! It’s the BATCHtweet account!”

Quickly popping open a module in the BATCHbelt, BATCHman checked for his updates.

“No, I don’t want a million dollars. No, I don’t want a free crate of Tang. Cmdlet! I was right! There was evil afoot and I’m not talking about what you had for lunch! Look.”

@JaneITGuru @Batchman! Quick! Help! Backups failing daily! Too many open files! Shrieking! Help me BATCHman!

“Looks like that new Twitter account paid off, BATCHman. Glad I suggested it!”

“Yes Cmdlet! Quickly! To the BATCHcycles!”

Cmdlet stared at the blue tricycle with “Cmdlet“ written on the side in permanent marker. “Must we?”

“We’re a green organization here!” cried BATCHman as he mounted his 40-speed carbon fiber, midnight blue special “Quickly! Crime waits for no-one!”

***Moments later, Cmdlet is huffing and puffing.***

“Huff…puff…no more…*gasp*…Double Downs for…*ack*…breakfast!” gasped Cmdlet between breaths.

Jane looked out to greet BATCHman and the heavily sweating Cmdlet at the door. “Oh, thank goodness you’re here! None of our backups are working on the file server! It’s failing because there are documents open when they shouldn’t be! Plus there’s this noise.”

BATCHman steps off, listening keenly to the air. The shrieking cackling sound could be heard ominously throughout the building.

“I’d know that sound anywhere.” BATCHman shook his head. “That’s the Tapeworm! I remember this criminal from an article in BadGuys Weekly.”

“The Tapeworm?” Jane queried.

“Yes. He was once a brilliant IT professional, but his mind went and snapped one day. He was manning the backups and spent twenty hours restoring an email database from QIC-20 tapes, only to find it was because somebody wanted a cat picture. Since that day, Tapeworm attaches himself to file systems and ruins backups.”

“Holy, Hello Kitty!” burst out Cmdlet “I had no idea cats were so evil!”

“Yes, so what is happening here. I heard ‘failed backups.’”

Jane gestured to the backup logs indicating failures due to open files.

“We’ve even tried selecting the open files in Computer Management, but it takes far too long to enumerate! Plus massive piles of different documents are reopened daily before the backup.”

“BATCHman!” burst out Cmdlet “We’ve got to help her get a handle on this!”

“Yes,” the Tilley-hatted one muttered. “Funny you should mention ‘Handle’. That’s the perfect answer.”

Poor Cmdlet stared at the floor confused. Deciding to practice telekinesis on his shoelaces was more productive. “I don’t get it,” was all he muttered.

“Handle as in Handle.exe from Sysinternals. We could use that to close the files!”

Cmdlet groaned in dismay as yet another horrible joke left BATCHman’s lips. “Holy PUNishment, BATCHman—that was horrible!”

Our hero smiled with a sly grin. Another well-played play on words.

Jane looked up. “But BATCHman. I already thought of that. We need something that can be automated. That application can’t be automated. Normally you run it, it shows the open file Handles in HEX with the process numbers, and then you manually run it again like this to close a file handle.”

HANDLE.EXE –c 2a3 –p 5342

Our hero stood up proudly. “For ordinary people and mere mortals, no. But for us, the kings of automation, we have…” he paused ever so dramatically while pulling out a megaphone “WINDOWS POWERSHELL!”

While rubbing their ears, they looked at BATCHman equally puzzled. “Automate it how?”

BATCHman looked over. “Remember the first rule of Windows PowerShell, which is…”

“Ooooh! Ooooooooo!” Cmdlet jumped up and down like a gerbil on a hot coal “I know! Everything is an object!”

“Exactly! If I ran Handle while in Windows PowerShell and got some output like this…”

”...we’d notice there is a consistent pattern of well-formatted columns. So what we could do is store the output in a Windows PowerShell variable to play with it like this.”

$ScreenOutput=.\HANDLE.EXE DOCX

Cmdlet stared at the screen with Jane then burst out. “HOLY PATTERN BUFFER BATCHman! Every line has ‘PID:’ before the Process ID and the word ‘File’ with a pile of blank spaces before the File Handle! If we could somehow pull out the numbers after PID and FILE we’d be halfway there. But we need to clean all the extra stuff out too, like the title.”

BATCHman looked at his sidekick. “So what do you think we could do to simplify this output?”

Cmdlet rubbed his hands eagerly at the thought of solving the puzzle. “I’ll wager we could run this output through Select-String to pull only the lines that have the pid: field in it!”

$ScreenOutput | SELECT-STRING –pattern ‘pid: ’

Cmdlet began to dance a jig like a leprechaun who’d gotten away with his box of Lucky Charms. “W0000000t! Aha!”

“That’s good but we can go one step better. With the \w from regular expressions, we can tell the string to find us all letters up to but not counting spaces. We’ll add an asterisk, which means all characters following that match this pattern. We can store away the results in a variable to make it easier to work and manipulate.”

$ProcessIDResults=$ScreenOutput | SELECT-STRING –pattern ‘pid: [\w]*’

Cmdlet thought. “So we could run a similar search for lines beginning with File, but how do we specify to find all data after that up until the colon character that follows the file Handle?

BATCHman explained. “In regular expressions, you can also specify the pattern of \s\S, which means accept any character including spaces. Doing this we can pull down only the data we need. We can tell it to search for all data beginning with File and ending with a colon, like this.”

$FileHandleResults=$ScreenOutput | SELECT-STRING –pattern ‘File [s\S]*?:’

Cmdlet looked. “So regular expressions can be used in many situations, BATCHman, but how does this help us? We need to get this information back to the Handle program!”

“Never fear, little chum. Let’s see which methods and properties we have available with a Get-Member.”

$ProcessIDResults | GET-MEMBER

“As you can see, like when we battled Dr. Regex, there is a Matches property. Let’s take a look at the data in one of those."

$ProcessIDResults[0].matches[0]

“And of course, if we run Get-Member against this, we can see which methods and properties are available on this object.”

$ProcessIDResults[0].matches[0] | GET-MEMBER

Cmdlet’s eyes lit up when he saw tostring() as a method. He knew from his previous experiences with string objects in Windows PowerShell there was a substring() method available.

“BATCHman! We could convert each match to a string! And because we know the data is from the Matches object, we could run a substring() on the output!” Cmdlet barked out like a chihuahua.

Before BATCHman could reply, a loud blaring klaxon went off. Flashing neon lights lit the city streets!

“Oh, no!” burst out BATCHman. “That’s the alarm on the WinMobile! Somebody’s gotten to it!” as he barreled down the stairs.

Will BATCHman find the WinMobile intact?
Will Cmdlet finalize the solution for Handle?
Will Tapeworm ever get a speaking part?

Find out at the same BATCHtime, same BATCHchannel in the next episode of BATCHman and Cmdlet!

Ed Wilson, Microsoft Scripting Guy

BATCHman Uses PowerShell to Thwart Dr. Regex and Save the Zoo

Anonymous — Fri, 02 Sep 2011 05:00:00 GMT

Summary: In this exciting episode, BATCHman uses Windows PowerShell and regular expressions to thwart the evil Dr. Regex and save the monkeys.

Microsoft Scripting Guy, Ed Wilson, is here. Sean Kearney is back with us for three more episodes of the thrilling BATCHman series. Today is Episode 4.

Whenever trouble happens in systems and people will call,
and darkness rolls out causing your fall,
Creatures of bits roam in the night,
Shine to the sky, the bright bluish Light,

and call to…BATCHman !

…and, oh yes, his sidekick Boy Blunder Cmdlet, too.

In Today’s Episode, BATCHman Encounters Doctor Regex!

Cutting through the midnight blue sky, a beacon for justice, a light for freedom calls out!

“Holy shell, BATCHman! It’s the BATCHsignal! We have…”

“Ahem, Cmdlet, I would suggest you watch your language there. This is after all a ‘G’ rated blog post.”

“But but, I…I…ugh…yes, BATCHman,” he sullenly bowed in defeat. “Shall I fire up the WinMobile?”

“No, but you can start it,” snickered our hero. “To the WinMobile!”

Buckling under the weight of our heroes, the WinMobile moved off. “Thank goodness it’s made of Gorilla Glass,” muttered Cmdlet.

Meanwhile, somewhere else in the city of Redmond, evil has placed a call. The arch criminal simply known as the dreaded Dr. Regex has visited. Cursed after too many nights of writing parse queries, our arch villain only speaks in riddles of Regex. He has taken the team at the local Redmond Zoo by surprise. All the cages are being unlocked, potentially unleashing the vicious GUI eating SAPIEN monkeys! Our arch villain dances off on top of the cages laughing maniacally in an oddly cheeseburger colored jumpsuit with his big “!” symbol. “Muah ha haaaaa!”

The only passcode to the electronic Chubb lock system has been left somewhere in this cryptic riddle left on Notepad on the desktop of the main server:

Evil may Come And Evil May Go
The BATCHman Will Seek, be Fast Or Be Slow
But Soon On the Day The pass It Must Be
The word Should He Say, To Not Set Them Free
is The BATCHman Too Smart, Or Is He Not Bright?
under The Stars And Under the Light!
The key We Shall See, Unlocking This Clue
Will chain Them All Down, Or Let Them Run Through

Signed ^[Dr!Regex]^

BATCHman and Cmdlet arrive on the scene, the sound of Monkeys about to tear scripts apart. Cmdlet stared at the riddle. “Holy twisted blisters, BATCHman! That must have worn out somebody’s fingers typing! What a bizarre rid…”

“….bizarre clue!” corrected BATCHman “Yes. Yes, indeed. What a strange person. There must be some type of pattern in this clue. Something usual to the naked human eye, something I can’t quite see, some…”

“BATCHman! It appears only certain words start with a lowercase letter!”

“Cmdlet! Excellent ! How did you spot it so quickly?”

“It’s written here in the plot, page 5, line 7…”

BATCHman looks down scratching his cowl. “Ah, so it is.”

“So we could just write down every word,” suggested Cmdlet.

“Pah! And waste a good chance to use Windows PowerShell? Never! This is a perfect opportunity to use regular expressions to find those matches! First, we need to identify the pattern. We need all words starting with a lowercase letter only. Within regular expressions, that would be a matter of specifying that the first letter is from a to z only like this.”

[a-z]

“And then we’ll need to specify it’s at the beginning of the word.”

\b[a-z]

“Then we’ll specify that the word must be at least two letters long if we find it, but can be as long as we want. This should trap our series of words.”

\b[a-z]{2,}

“With this in place, Cmdlet, we need to pipe the information from the text file into a Select-String statement like this.”

GET-CONTENT C:\EVILCLUE.TXT | SELECT-STRING ‘\b[a-z]{2,}’

Cmdlet sat there cross-legged watching the magic unfold. “But how do we tell it to look for more than one instance, BATCHman? How does it know it is lowercase?”

“Presently it doesn’t, but it will if we add more parameters to our Select-String. One is -allmatches in case there is more than one instance per line. The other is -casesensitive because Select-String by default just does a –match which doesn’t care about uppercase or lowercase.”

GET-CONTENT C:\EVILCLUE.TXT | SELECT-STRING ‘\b[a-z]{2,}’ –casesensitive –allmatches

Cmdlet looked and laughed. “Holy foot in mouth! The output is the same!”

The BATCHman smiled. “Not quite. If we run Get-Member against this output, you’ll see something different.”

GET-CONTENT C:\EVILCLUE.TXT | SELECT-STRING ‘\b[a-z]{2,}’ –casesensitive –allmatches | GET-MEMBER

“This, Cmdlet, is not just a string. We can see there are properties such as Matches. If we were to look at the properties of Matches, we mind find something interesting.”

GET-CONTENT C:\EVILCLUE.TXT | SELECT-STRING ‘\b[a-z]{2,}’ –casesensitive –allmatches | SELECT-OBJECT Matches

“Holy obvious! Do you mean…” looking to his left Cmdlet lifts the keychain to the old cages. A Big envelope with the words “^[Dr!Regex]^” is written on it. He bites it open and his mouth drops sullenly.

“What is it, Cmdlet?”

“Another clue. Awww, come on!!!” Cmdlet stomps about like a little child having a hissy fit showing the new clue to BATCHman.

Remove ME now and unlock the clue

‘meHeymeheymewemearemethemescriptmemonkeesmeandmepeoplemesaymewemearemescriptingmeawayme’

BATCHman looks. “I’m seeing an awful lot of ME in this particular line. I will bet we could just use a –replace on it!

“What’s that?”

Seating himself down in front of the Windows PowerShell console, he explains. “Replace is another part of regular expressions where we can replace one thing with another.”

‘meHeymeheymewemearemethemescriptmemonkeesmeandmepeoplemesaymewemearemescriptingmeawayme’ –replace ‘me’,’’

“That will replace every reference of me with nothing, which gives us this result.”

Heyheywearethescriptmonkeesandpeoplesaywearescriptingaway

“Cmdlet, please try this password on the Chubb security system. I’m sure you’ll find it works; just press the Lock All Cages button.”

Soon echoing through the Redmond Zoo, massive sounds of *KLANG* echo throughout with the odd *yelp* as the occasional finger gets pinched on closing doors.

With one loud *THUD*, Dr. Regex falls into bushes below. “Waaaaihihghghhgih!!”

The keeper of the Redmond Zoo looks up. “Oh, BATCHman! How can ever thank you?”

“Easy, good citizen. One, do not put your master security password under a set of keys to the Monkey House and…do you have something I could scrape my shoes on? I think I stepped on something near the cages.”

Thanks, Sean, for another exciting episode of BATCHman! Join us tomorrow for Episode 5.

Ed Wilson, Microsoft Scripting Guy

Use PowerShell Regular Expressions to Parse an RSS Feed

Anonymous — Fri, 04 Mar 2011 06:00:00 GMT

Summary : Learn how to use Windows PowerShell regular expressions to parse an RSS feed. Hey, Scripting Guy! How can I find patterns in text with regular expressions when I am unsure of where line breaks will occur in the text I am reading? —TT Hello...(read more)

Use PowerShell Regular Expressions to Format Numbers

Anonymous — Thu, 03 Mar 2011 06:00:00 GMT

Summary : Microsoft MVP, Tome Tanasovski, shows how to use regular expression lookaheads and lookbehinds in Windows PowerShell to format numbers. Hey, Scripting Guy! How do I use a regular expression to add the appropriate commas to a number? —TT...(read more)